diff --git a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps.md b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps.md
index 3e7fd7928a20..62b2e38fc5fd 100644
--- a/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps.md
+++ b/content/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps.md
@@ -1,5 +1,5 @@
---
-title: Requesting organization approval for OAuth Apps
+title: Requesting organization approval for OAuth apps
intro: 'Organization members and outside collaborators can request that an owner approve access to organization resources for {% data variables.product.prodname_oauth_apps %}.'
redirect_from:
- /articles/requesting-organization-approval-for-third-party-applications
@@ -13,7 +13,7 @@ versions:
ghec: '*'
topics:
- Accounts
-shortTitle: Request OAuth App approval
+shortTitle: Request {% data variables.product.prodname_oauth_app %} approval
---
## About requesting organization approval for an {% data variables.product.prodname_oauth_app %}
diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md
index 559c9c697711..5daea8baca8c 100644
--- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md
+++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md
@@ -664,32 +664,30 @@ Before you'll see `git` category actions, you must enable Git events in the audi
| Action | Description
|--------|-------------
-| `oauth_application.create` | An [OAuth application][] was created for a user or organization account.
-| `oauth_application.destroy` | An [OAuth application][] was deleted from a user or organization account.
+| `oauth_application.create` | An [{% data variables.product.prodname_oauth_app %}](/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app) was created for a user or organization account.
+| `oauth_application.destroy` | An [{% data variables.product.prodname_oauth_app %}](/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app) was deleted from a user or organization account.
{%- ifversion fpt or ghec %}
-| `oauth_application.generate_client_secret` | An [OAuth application][]'s secret key was generated.
-| `oauth_application.remove_client_secret` | An [OAuth application][]'s secret key was deleted.
+| `oauth_application.generate_client_secret` | An [{% data variables.product.prodname_oauth_app %}](/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app)'s secret key was generated.
+| `oauth_application.remove_client_secret` | An [{% data variables.product.prodname_oauth_app %}](/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app)'s secret key was deleted.
{%- endif %}
-| `oauth_application.reset_secret` | An [OAuth application][]'s secret key was reset.
+| `oauth_application.reset_secret` | An [{% data variables.product.prodname_oauth_app %}](/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app)'s secret key was reset.
{%- ifversion fpt or ghec %}
-| `oauth_application.revoke_all_tokens` | All user tokens for an [OAuth application][] were requested to be revoked.
+| `oauth_application.revoke_all_tokens` | All user tokens for an [{% data variables.product.prodname_oauth_app %}](/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app) were requested to be revoked.
{%- endif %}
-| `oauth_application.revoke_tokens` | Token(s) for an [OAuth application][] were revoked.
-| `oauth_application.transfer` | An [OAuth application][] was transferred from one user or organization account to another.
+| `oauth_application.revoke_tokens` | Token(s) for an [{% data variables.product.prodname_oauth_app %}](/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app) were revoked.
+| `oauth_application.transfer` | An [{% data variables.product.prodname_oauth_app %}](/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app) was transferred from one user or organization account to another.
{%- ifversion ghes or ghae %}
-| `oauth_application.unsuspend` | An [OAuth application][] was unsuspended for a user or organization account.
+| `oauth_application.unsuspend` | An [{% data variables.product.prodname_oauth_app %}](/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app) was unsuspended for a user or organization account.
{%- endif %}
- [OAuth application]: /apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app
-
{%- ifversion fpt or ghec %}
## `oauth_authorization` category actions
| Action | Description
|--------|-------------
-| `oauth_authorization.create` | An authorization for an OAuth application was created. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."
-| `oauth_authorization.destroy` | An authorization for an OAuth application was deleted. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."
-| `oauth_authorization.update` | An authorization for an OAuth application was updated. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."
+| `oauth_authorization.create` | An authorization for an {% data variables.product.prodname_oauth_app %} was created. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."
+| `oauth_authorization.destroy` | An authorization for an {% data variables.product.prodname_oauth_app %} was deleted. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."
+| `oauth_authorization.update` | An authorization for an {% data variables.product.prodname_oauth_app %} was updated. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."
{%- endif %}
## `org` category actions
diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/identifying-audit-log-events-performed-by-an-access-token.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/identifying-audit-log-events-performed-by-an-access-token.md
index 44793a2fa74c..b55072d4585e 100644
--- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/identifying-audit-log-events-performed-by-an-access-token.md
+++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/identifying-audit-log-events-performed-by-an-access-token.md
@@ -8,7 +8,7 @@ versions:
## About token data in the audit log
-In your enterprise's audit log, for any actions that were performed using a {% data variables.product.pat_generic %} or OAuth application for authentication, the event data will show the authentication method used and the SHA-256 hash of the token.
+In your enterprise's audit log, for any actions that were performed using a {% data variables.product.pat_generic %} or {% data variables.product.prodname_oauth_app %} for authentication, the event data will show the authentication method used and the SHA-256 hash of the token.
If you learn that a token was compromised, you can understand the actions taken by the compromised token by searching your enterprise's audit log for all events associated with that token.
diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise.md
index 6dce8d8cf480..fa2bb6f7af54 100644
--- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise.md
+++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise.md
@@ -82,7 +82,7 @@ Key | Value
{%- ifversion ghes or ghae %}
`note` | Miscellaneous event-specific information (in either plain text or JSON format).{% endif %}
{%- ifversion ghes or ghae %}
-`oauth_app_id` | ID of the OAuth application associated with the action.{% endif %}
+`oauth_app_id` | ID of the {% data variables.product.prodname_oauth_app %} associated with the action.{% endif %}
`operation` | Operation type that corresponds with the action. Operation types are `create`, `access`, `modify`, `remove`, `authentication`, `transfer`, and `restore`.
{%- ifversion ghes or ghae %}
`org` | Name of the organization affected by the action (if applicable).{% endif %}
diff --git a/content/apps/creating-github-apps/about-creating-github-apps/about-creating-github-apps.md b/content/apps/creating-github-apps/about-creating-github-apps/about-creating-github-apps.md
index 39725d7928b8..3ecb060b412f 100644
--- a/content/apps/creating-github-apps/about-creating-github-apps/about-creating-github-apps.md
+++ b/content/apps/creating-github-apps/about-creating-github-apps/about-creating-github-apps.md
@@ -30,7 +30,7 @@ Common use cases for {% data variables.product.prodname_github_apps %} include:
- As a developer tool, allowing users to work with {% data variables.product.prodname_dotcom %} by signing into your {% data variables.product.prodname_github_app %}, which can then act on their behalf
- Integrating your tool or external service with {% data variables.product.company_short %}
-Like OAuth Apps, {% data variables.product.prodname_github_app %}s use OAuth 2.0 and can act on behalf of a user. Unlike OAuth Apps, {% data variables.product.prodname_github_app %}s can also act independently of a user.
+Like {% data variables.product.prodname_oauth_apps %}, {% data variables.product.prodname_github_app %}s use OAuth 2.0 and can act on behalf of a user. Unlike {% data variables.product.prodname_oauth_apps %}, {% data variables.product.prodname_github_app %}s can also act independently of a user.
{% data variables.product.prodname_github_apps %} can be installed directly on organizations and personal accounts and granted access to specific repositories. They come with built-in webhooks and narrow, specific permissions.
diff --git a/content/apps/creating-github-apps/about-creating-github-apps/migrating-oauth-apps-to-github-apps.md b/content/apps/creating-github-apps/about-creating-github-apps/migrating-oauth-apps-to-github-apps.md
index 010b8f67b5da..87525608b70b 100644
--- a/content/apps/creating-github-apps/about-creating-github-apps/migrating-oauth-apps-to-github-apps.md
+++ b/content/apps/creating-github-apps/about-creating-github-apps/migrating-oauth-apps-to-github-apps.md
@@ -1,5 +1,5 @@
---
-title: Migrating OAuth Apps to GitHub Apps
+title: Migrating OAuth apps to GitHub Apps
intro: 'Learn about the advantages of migrating your {% data variables.product.prodname_oauth_app %} to a {% data variables.product.prodname_github_app %}, and learn how to migrate your {% data variables.product.prodname_oauth_app %}.'
redirect_from:
- /apps/migrating-oauth-apps-to-github-apps
diff --git a/content/apps/creating-github-apps/authenticating-with-a-github-app/refreshing-user-access-tokens.md b/content/apps/creating-github-apps/authenticating-with-a-github-app/refreshing-user-access-tokens.md
index 3f1170c35e48..d2f14a197319 100644
--- a/content/apps/creating-github-apps/authenticating-with-a-github-app/refreshing-user-access-tokens.md
+++ b/content/apps/creating-github-apps/authenticating-with-a-github-app/refreshing-user-access-tokens.md
@@ -25,7 +25,7 @@ shortTitle: Refresh user access tokens
To enforce regular token rotation and reduce the impact of a compromised token, you can configure your {% data variables.product.prodname_github_app %} to use user access tokens that expire. If your app uses user access tokens that expire, then you will receive a refresh token when you generate a user access token. The user access token expires after eight hours, and the refresh token expires after six months. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-user-access-token-for-a-github-app)."
-You can use the refresh token to generate a new user access token and a new refresh token. Once you use a refresh token, that refresh token and the old user access token will not longer work.
+You can use the refresh token to generate a new user access token and a new refresh token. Once you use a refresh token, that refresh token and the old user access token will no longer work.
If your refresh token expires before you use it, you can regenerate a user access token and refresh token by sending users through the web application flow or device flow. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-user-access-token-for-a-github-app)."
diff --git a/content/apps/creating-github-apps/registering-a-github-app/creating-a-custom-badge-for-your-github-app.md b/content/apps/creating-github-apps/registering-a-github-app/creating-a-custom-badge-for-your-github-app.md
index b1ccfb69b6c8..66a25a26b3ca 100644
--- a/content/apps/creating-github-apps/registering-a-github-app/creating-a-custom-badge-for-your-github-app.md
+++ b/content/apps/creating-github-apps/registering-a-github-app/creating-a-custom-badge-for-your-github-app.md
@@ -14,44 +14,48 @@ versions:
ghec: '*'
topics:
- GitHub Apps
-shortTitle: Custom badges
+shortTitle: Custom badge
---
-By default, a new GitHub App will have an automatically generated [identicon](https://github.com/blog/1586-identicons).
-An identicon badge looks something like this:
-
+## About badges
-After you register a GitHub App, you can customize your app's badge by uploading a logo and selecting a background color. A badge is a square logo image inside of a circular badge. You can choose a background color for the badge, which can visually distinguish your app.
+Every {% data variables.product.prodname_github_app %} has a badge. A badge is a square image inside a circular background.
-Your logo should be a PNG, JPG, or GIF file under 1 MB in size. For the best quality rendering, we recommend an image size of at least 200px x 200px. {% ifversion fpt or ghec %}See "[AUTOTITLE](/apps/publishing-apps-to-github-marketplace/listing-an-app-on-github-marketplace/writing-a-listing-description-for-your-app#guidelines-for-logos)" for more guidance on customizing badges.{% endif %}
+By default, a new GitHub App will use an automatically generated identicon as a badge. An identicon badge looks something like this:
+
+
+
+After you register a GitHub App, you can customize your app's badge by uploading a logo and selecting a background color. Your logo should be a PNG, JPG, or GIF file under 1 MB in size. For the best quality rendering, we recommend an image dimension of 200 pixels by 200 pixels.
{% ifversion fpt or ghec %}
-You can change a custom badge for a GitHub App that already has an approved Marketplace listing by navigating to https://github.com/marketplace/manage.
+For more information about badges for {% data variables.product.prodname_github_app %}s in {% data variables.product.prodname_marketplace %}, see "[AUTOTITLE](/apps/publishing-apps-to-github-marketplace/listing-an-app-on-github-marketplace/writing-a-listing-description-for-your-app#guidelines-for-logos)." You can change a custom badge for a GitHub App that already has an approved Marketplace listing by navigating to https://github.com/marketplace/manage.
{% endif %}
-To create a custom badge:
+## Creating a custom badge
-{% data reusables.user-settings.access_settings %}
+{% data reusables.apps.settings-step %}
{% data reusables.user-settings.developer_settings %}
{% data reusables.user-settings.github_apps %}
{% data reusables.user-settings.modify_github_app %}
-1. Under "Display information," drag and drop an image from a local folder or click **Upload a logo** to select an image from your computer.
-1. Optionally, crop your image. When you're done, click **Set new avatar**.
-1. Under "Badge background color," type the [hexadecimal color code](http://www.color-hex.com/) of the background color for your badge.
+1. Under "Display information", drag and drop an image from a local folder or click **Upload a logo** to select an image from your computer.
+1. Optionally, crop your image.
+1. Click **Set new avatar**.
+1. Under "Badge background color", type the hexadecimal color code of the background color for your badge.
{% ifversion fpt or ghec %}
{% note %}
- **Note:** The "Badge background color" input field will only appear after you upload an application logo.
+ **Note:** The "Badge background color" input field will only appear after you upload a logo.
{% endnote %}
{% endif %}
+
{% ifversion fpt or ghec %}
## Next steps
-For more information about listing your {% data variables.product.prodname_github_app %} in {% data variables.product.prodname_marketplace %}, see "[AUTOTITLE](/apps/publishing-apps-to-github-marketplace/listing-an-app-on-github-marketplace)".
+For more information about listing your {% data variables.product.prodname_github_app %} in {% data variables.product.prodname_marketplace %}, see "[AUTOTITLE](/apps/publishing-apps-to-github-marketplace/listing-an-app-on-github-marketplace)."
{% endif %}
diff --git a/content/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app.md b/content/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app.md
index c6b3d0ba7865..0b281ecd69f2 100644
--- a/content/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app.md
+++ b/content/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app.md
@@ -1,6 +1,6 @@
---
-title: Authenticating to the REST API with an OAuth App
-shortTitle: Authenticate with an OAuth App
+title: Authenticating to the REST API with an OAuth app
+shortTitle: Authenticate with an {% data variables.product.prodname_oauth_app %}
intro: Learn about the different ways to authenticate with some examples.
redirect_from:
- /guides/basics-of-authentication
@@ -29,8 +29,8 @@ You can download the complete source code for this project [from the platform-sa
## Registering your app
-First, you'll need to [register your application][new oauth app]. Every
-registered OAuth application is assigned a unique Client ID and Client Secret.
+First, you'll need to [register your application](https://github.com/settings/applications/new). Every
+registered {% data variables.product.prodname_oauth_app %} is assigned a unique Client ID and Client Secret.
The Client Secret should not be shared! That includes checking the string
into your repository.
@@ -367,5 +367,4 @@ we would've seen the same confirmation dialog from earlier pop-up and warn us.
[libraries]: /rest/overview/libraries
[oauth scopes]: /apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps
[platform samples]: https://github.com/github/platform-samples/tree/master/api/ruby/basics-of-authentication
-[new oauth app]: https://github.com/settings/applications/new
[app settings]: https://github.com/settings/developers
diff --git a/content/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps.md b/content/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps.md
index a76a5696284b..090605b1f6b6 100644
--- a/content/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps.md
+++ b/content/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps.md
@@ -1,5 +1,5 @@
---
-title: Authorizing OAuth Apps
+title: Authorizing OAuth apps
intro: '{% data reusables.shortdesc.authorizing_oauth_apps %}'
redirect_from:
- /apps/building-integrations/setting-up-and-registering-oauth-apps/about-authorization-options-for-oauth-apps
@@ -16,7 +16,7 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
---
{% note %}
@@ -33,9 +33,9 @@ Both {% data variables.product.prodname_oauth_app %}s and {% data variables.prod
If you want to skip authorizing your app in the standard way, such as when testing your app, you can use the [non-web application flow](#non-web-application-flow).
-To authorize your OAuth app, consider which authorization flow best fits your app.
+To authorize your {% data variables.product.prodname_oauth_app %}, consider which authorization flow best fits your app.
-- [web application flow](#web-application-flow): Used to authorize users for standard OAuth apps that run in the browser. (The [implicit grant type](https://tools.ietf.org/html/rfc6749#section-4.2) is not supported.)
+- [web application flow](#web-application-flow): Used to authorize users for standard {% data variables.product.prodname_oauth_apps %} that run in the browser. (The [implicit grant type](https://tools.ietf.org/html/rfc6749#section-4.2) is not supported.)
- [device flow](#device-flow): Used for headless apps, such as CLI tools.
## Web application flow
@@ -274,7 +274,7 @@ Non-web authentication is available for limited situations like testing. If you
## Redirect URLs
The `redirect_uri` parameter is optional. If left out, GitHub will
-redirect users to the callback URL configured in the OAuth Application
+redirect users to the callback URL configured in the {% data variables.product.prodname_oauth_app %}
settings. If provided, the redirect URL's host (excluding sub-domains) and port must exactly
match the callback URL. The redirect URL's path must reference a
subdirectory of the callback URL.
@@ -303,11 +303,11 @@ http://127.0.0.1:1234/path
Note that OAuth RFC [recommends not to use `localhost`](https://datatracker.ietf.org/doc/html/rfc8252#section-7.3), but instead to use loopback literal `127.0.0.1` or IPv6 `::1`.
-## Creating multiple tokens for OAuth Apps
+## Creating multiple tokens for {% data variables.product.prodname_oauth_apps %}
You can create multiple tokens for a user/application/scope combination to create tokens for specific use cases.
-This is useful if your OAuth App supports one workflow that uses GitHub for sign-in and only requires basic user information. Another workflow may require access to a user's private repositories. Using multiple tokens, your OAuth App can perform the web flow for each use case, requesting only the scopes needed. If a user only uses your application to sign in, they are never required to grant your OAuth App access to their private repositories.
+This is useful if your {% data variables.product.prodname_oauth_app %} supports one workflow that uses GitHub for sign-in and only requires basic user information. Another workflow may require access to a user's private repositories. Using multiple tokens, your {% data variables.product.prodname_oauth_app %} can perform the web flow for each use case, requesting only the scopes needed. If a user only uses your application to sign in, they are never required to grant your {% data variables.product.prodname_oauth_app %} access to their private repositories.
{% data reusables.apps.oauth-token-limit %}
@@ -315,9 +315,9 @@ This is useful if your OAuth App supports one workflow that uses GitHub for sign
## Directing users to review their access
-You can link to authorization information for an OAuth App so that users can review and revoke their application authorizations.
+You can link to authorization information for an {% data variables.product.prodname_oauth_app %} so that users can review and revoke their application authorizations.
-To build this link, you'll need your OAuth Apps `client_id` that you received from GitHub when you registered the application.
+To build this link, you'll need your {% data variables.product.prodname_oauth_app %}'s `client_id` that you received from GitHub when you registered the application.
```
{% data variables.product.oauth_host_code %}/settings/connections/applications/:client_id
@@ -325,7 +325,7 @@ To build this link, you'll need your OAuth Apps `client_id` that you received fr
{% tip %}
-**Tip:** To learn more about the resources that your OAuth App can access for a user, see "[AUTOTITLE](/rest/guides/discovering-resources-for-a-user)."
+**Tip:** To learn more about the resources that your {% data variables.product.prodname_oauth_app %} can access for a user, see "[AUTOTITLE](/rest/guides/discovering-resources-for-a-user)."
{% endtip %}
diff --git a/content/apps/oauth-apps/building-oauth-apps/best-practices-for-creating-an-oauth-app.md b/content/apps/oauth-apps/building-oauth-apps/best-practices-for-creating-an-oauth-app.md
index 3bfb2f0be25f..412f7c30643b 100644
--- a/content/apps/oauth-apps/building-oauth-apps/best-practices-for-creating-an-oauth-app.md
+++ b/content/apps/oauth-apps/building-oauth-apps/best-practices-for-creating-an-oauth-app.md
@@ -1,19 +1,19 @@
---
-title: Best practices for creating an OAuth App
+title: Best practices for creating an OAuth app
shortTitle: Best practices
-intro: 'Follow these best practices to improve the security and performance of your OAuth App.'
+intro: 'Follow these best practices to improve the security and performance of your {% data variables.product.prodname_oauth_app %}.'
versions:
fpt: '*'
ghes: '*'
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
---
## Use a {% data variables.product.prodname_github_app %} instead
-If possible, consider using a {% data variables.product.prodname_github_app %} instead of an OAuth App. In general, {% data variables.product.prodname_github_app %}s are preferred over {% data variables.product.prodname_oauth_app %}s. {% data variables.product.prodname_github_app %}s use fine-grained permissions, give the user more control over which repositories the app can access, and use short-lived tokens. These properties can harden the security of your app by limiting the damage that could be done if your app's credentials are leaked.
+If possible, consider using a {% data variables.product.prodname_github_app %} instead of an {% data variables.product.prodname_oauth_app %}. In general, {% data variables.product.prodname_github_app %}s are preferred over {% data variables.product.prodname_oauth_apps %}. {% data variables.product.prodname_github_app %}s use fine-grained permissions, give the user more control over which repositories the app can access, and use short-lived tokens. These properties can harden the security of your app by limiting the damage that could be done if your app's credentials are leaked.
Similar to {% data variables.product.prodname_oauth_app %}s, {% data variables.product.prodname_github_app %}s can still use OAuth 2.0 and generate a type of OAuth token (called a user access token) and take actions on behalf of a user. However, {% data variables.product.prodname_github_app %}s can also act independently of a user.
@@ -23,7 +23,7 @@ For more information about migrating an existing {% data variables.product.prodn
## Use minimal scopes
-Your OAuth App should only request the scopes that the app needs to perform its intended functionality. If any tokens for your app become compromised, this will limit the amount of damage that can occur. For more information, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps)."
+Your {% data variables.product.prodname_oauth_app %} should only request the scopes that the app needs to perform its intended functionality. If any tokens for your app become compromised, this will limit the amount of damage that can occur. For more information, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps)."
## Secure your app's credentials
@@ -45,7 +45,7 @@ If your app is a native client, client-side app, or runs on a user device (as op
## Use the appropriate token type
-OAuth Apps can generate user access tokens in order to make authenticated API requests. Your app should never use a {% data variables.product.pat_generic %} or {% data variables.product.company_short %} password to authenticate.
+{% data variables.product.prodname_oauth_apps %} can generate user access tokens in order to make authenticated API requests. Your app should never use a {% data variables.product.pat_generic %} or {% data variables.product.company_short %} password to authenticate.
## Make a plan for handling security breaches
diff --git a/content/apps/oauth-apps/building-oauth-apps/creating-a-custom-badge-for-your-oauth-app.md b/content/apps/oauth-apps/building-oauth-apps/creating-a-custom-badge-for-your-oauth-app.md
index ad5f739638ce..7c06d6e4b45c 100644
--- a/content/apps/oauth-apps/building-oauth-apps/creating-a-custom-badge-for-your-oauth-app.md
+++ b/content/apps/oauth-apps/building-oauth-apps/creating-a-custom-badge-for-your-oauth-app.md
@@ -1,5 +1,5 @@
---
-title: Creating a custom badge for your OAuth App
+title: Creating a custom badge for your OAuth app
intro: '{% data reusables.shortdesc.creating_custom_badges_oauth_apps %}'
redirect_from:
- /apps/building-oauth-apps/creating-custom-badges-for-oauth-apps
@@ -11,15 +11,15 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
shortTitle: Create custom badges
---
-By default, a new OAuth App will have an automatically generated [identicon](https://github.com/blog/1586-identicons).
+By default, a new {% data variables.product.prodname_oauth_app %} will have an automatically generated [identicon](https://github.com/blog/1586-identicons).
An identicon badge looks something like this:
-After you create an OAuth App, you can customize the app's badge by uploading a logo and selecting a background color. A badge is a square logo image inside of a circular badge. You can choose a background color for the badge, which can be used to visually distinguish your app.
+After you create an {% data variables.product.prodname_oauth_app %}, you can customize the app's badge by uploading a logo and selecting a background color. A badge is a square logo image inside of a circular badge. You can choose a background color for the badge, which can be used to visually distinguish your app.
Your logo should be a PNG, JPG, or GIF file under 1 MB in size. For the best quality rendering, we recommend an image size of at least 200px x 200px. {% ifversion fpt or ghec %}See "[AUTOTITLE](/apps/publishing-apps-to-github-marketplace/listing-an-app-on-github-marketplace/writing-a-listing-description-for-your-app#guidelines-for-logos)" for more guidance on customizing badges.{% endif %}
diff --git a/content/apps/oauth-apps/building-oauth-apps/creating-an-oauth-app.md b/content/apps/oauth-apps/building-oauth-apps/creating-an-oauth-app.md
index 7f393d860d66..7bee425710c7 100644
--- a/content/apps/oauth-apps/building-oauth-apps/creating-an-oauth-app.md
+++ b/content/apps/oauth-apps/building-oauth-apps/creating-an-oauth-app.md
@@ -1,5 +1,5 @@
---
-title: Creating an OAuth App
+title: Creating an OAuth app
intro: '{% data reusables.shortdesc.creating_oauth_apps %}'
redirect_from:
- /apps/building-integrations/setting-up-and-registering-oauth-apps/registering-oauth-apps
@@ -12,7 +12,7 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
---
{% note %}
@@ -51,7 +51,7 @@ For more information, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/diff
{% warning %}
- **Warning:** Only use information in your OAuth app that you consider public. Avoid using sensitive data, such as internal URLs, when creating an OAuth App.
+ **Warning:** Only use information in your {% data variables.product.prodname_oauth_app %} that you consider public. Avoid using sensitive data, such as internal URLs, when creating an {% data variables.product.prodname_oauth_app %}.
{% endwarning %}
@@ -61,11 +61,11 @@ For more information, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/diff
{% ifversion fpt or ghes or ghec %}
{% note %}
- **Note:** OAuth Apps cannot have multiple callback URLs, unlike {% data variables.product.prodname_github_apps %}.
+ **Note:** {% data variables.product.prodname_oauth_apps %} cannot have multiple callback URLs, unlike {% data variables.product.prodname_github_apps %}.
{% endnote %}
{% endif %}{% ifversion device-flow-is-opt-in %}
-1. If your OAuth App will use the device flow to identify and authorize users, click **Enable Device Flow**. For more information about the device flow, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps#device-flow)."{% endif %}
+1. If your {% data variables.product.prodname_oauth_app %} will use the device flow to identify and authorize users, click **Enable Device Flow**. For more information about the device flow, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps#device-flow)."{% endif %}
1. Click **Register application**.
## Further reading
diff --git a/content/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps.md b/content/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps.md
index dcf21d69c5f3..b15371a2e582 100644
--- a/content/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps.md
+++ b/content/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps.md
@@ -1,5 +1,5 @@
---
-title: Differences between GitHub Apps and OAuth Apps
+title: Differences between GitHub Apps and OAuth apps
intro: 'In general, {% data variables.product.prodname_github_app %}s are preferred to {% data variables.product.prodname_oauth_app %}s because they use fine-grained permissions, give more control over which repositories the app can access, and use short-lived tokens.'
redirect_from:
- /early-access/integrations/integrations-vs-oauth-applications
@@ -16,8 +16,8 @@ versions:
ghec: '*'
topics:
- GitHub Apps
- - OAuth Apps
-shortTitle: GitHub Apps & OAuth Apps
+ - OAuth apps
+shortTitle: GitHub Apps & {% data variables.product.prodname_oauth_app %}s
---
## About {% data variables.product.prodname_github_app %}s and {% data variables.product.prodname_oauth_app %}s
@@ -36,40 +36,40 @@ For more information about {% data variables.product.prodname_github_app %}s, se
For more information about migrating an existing {% data variables.product.prodname_oauth_app %} to a {% data variables.product.prodname_github_app %}, see "[AUTOTITLE](/apps/creating-github-apps/guides/migrating-oauth-apps-to-github-apps)."
-## Who can install GitHub Apps and authorize OAuth Apps?
+## Who can install GitHub Apps and authorize {% data variables.product.prodname_oauth_app %}s?
You can install GitHub Apps in your personal account or organizations you own. If you have admin permissions in a repository, you can install GitHub Apps on organization accounts. If a GitHub App is installed in a repository and requires organization permissions, the organization owner must approve the application.
{% data reusables.apps.app_manager_role %}
-By contrast, users authorize OAuth Apps, which gives the app the ability to act as the authenticated user. For example, you can authorize an OAuth App that finds all notifications for the authenticated user. You can always revoke permissions from an OAuth App.
+By contrast, users authorize {% data variables.product.prodname_oauth_app %}s, which gives the app the ability to act as the authenticated user. For example, you can authorize an {% data variables.product.prodname_oauth_app %} that finds all notifications for the authenticated user. You can always revoke permissions from an {% data variables.product.prodname_oauth_app %}.
{% ifversion limit-app-access-requests %}
{% data reusables.organizations.restricted-app-access-requests %}{% endif %}
{% data reusables.apps.deletes_ssh_keys %}
-| GitHub Apps | OAuth Apps |
+| GitHub Apps | {% data variables.product.prodname_oauth_app %}s |
| ----- | ------ |
-| You must be an organization owner or have admin permissions in a repository to install a GitHub App on an organization. If a GitHub App is installed in a repository and requires organization permissions, the organization owner must approve the application. | You can authorize an OAuth app to have access to resources. |
-| You can install a GitHub App on your personal repository. | You can authorize an OAuth app to have access to resources.|
+| You must be an organization owner or have admin permissions in a repository to install a GitHub App on an organization. If a GitHub App is installed in a repository and requires organization permissions, the organization owner must approve the application. | You can authorize an {% data variables.product.prodname_oauth_app %} to have access to resources. |
+| You can install a GitHub App on your personal repository. | You can authorize an {% data variables.product.prodname_oauth_app %} to have access to resources.|
| You must be an organization owner, personal repository owner, or have admin permissions in a repository to uninstall a GitHub App and remove its access. | You can delete an OAuth access token to remove access. |
-| You must be an organization owner or have admin permissions in a repository to request a GitHub App installation. | If an organization application policy is active, any organization member can request to install an OAuth App on an organization. An organization owner must approve or deny the request. |
+| You must be an organization owner or have admin permissions in a repository to request a GitHub App installation. | If an organization application policy is active, any organization member can request to install an {% data variables.product.prodname_oauth_app %} on an organization. An organization owner must approve or deny the request. |
-## What can GitHub Apps and OAuth Apps access?
+## What can GitHub Apps and {% data variables.product.prodname_oauth_app %}s access?
Account owners can use a {% data variables.product.prodname_github_app %} in one account without granting access to another. For example, you can install a third-party build service on your employer's organization, but decide not to grant that build service access to repositories in your personal account. A GitHub App remains installed if the person who set it up leaves the organization.
-An _authorized_ OAuth App has access to all of the user's or organization owner's accessible resources.
+An _authorized_ {% data variables.product.prodname_oauth_app %} has access to all of the user's or organization owner's accessible resources.
-| GitHub Apps | OAuth Apps |
+| GitHub Apps | {% data variables.product.prodname_oauth_app %}s |
| ----- | ------ |
-| Installing a GitHub App grants the app access to a user or organization account's chosen repositories. | Authorizing an OAuth App grants the app access to the user's accessible resources. For example, repositories they can access. |
+| Installing a GitHub App grants the app access to a user or organization account's chosen repositories. | Authorizing an {% data variables.product.prodname_oauth_app %} grants the app access to the user's accessible resources. For example, repositories they can access. |
| The installation token from a GitHub App loses access to resources if an admin removes repositories from the installation. | An OAuth access token loses access to resources when the user loses access, such as when they lose write access to a repository. |
| Installation access tokens are limited to specified repositories with the permissions chosen by the creator of the app. | An OAuth access token is limited via scopes. |
-| GitHub Apps can request separate access to issues and pull requests without accessing the actual contents of the repository. | OAuth Apps need to request the `repo` scope to get access to issues, pull requests, or anything owned by the repository. |
-| GitHub Apps aren't subject to organization application policies. A GitHub App only has access to the repositories an organization owner has granted. | If an organization application policy is active, only an organization owner can authorize the installation of an OAuth App. If installed, the OAuth App gains access to anything visible to the token the organization owner has within the approved organization. |
-| A GitHub App receives a webhook event when an installation is changed or removed. This tells the app creator when they've received more or less access to an organization's resources. | OAuth Apps can lose access to an organization or repository at any time based on the granting user's changing access. The OAuth App will not inform you when it loses access to a resource. |
+| GitHub Apps can request separate access to issues and pull requests without accessing the actual contents of the repository. | {% data variables.product.prodname_oauth_app %}s need to request the `repo` scope to get access to issues, pull requests, or anything owned by the repository. |
+| GitHub Apps aren't subject to organization application policies. A GitHub App only has access to the repositories an organization owner has granted. | If an organization application policy is active, only an organization owner can authorize the installation of an {% data variables.product.prodname_oauth_app %}. If installed, the {% data variables.product.prodname_oauth_app %} gains access to anything visible to the token the organization owner has within the approved organization. |
+| A GitHub App receives a webhook event when an installation is changed or removed. This tells the app creator when they've received more or less access to an organization's resources. | {% data variables.product.prodname_oauth_app %}s can lose access to an organization or repository at any time based on the granting user's changing access. The {% data variables.product.prodname_oauth_app %} will not inform you when it loses access to a resource. |
## Token-based identification
@@ -79,22 +79,22 @@ An _authorized_ OAuth App has access to all of the user's or organization owner'
{% endnote %}
-| GitHub Apps | OAuth Apps |
+| GitHub Apps | {% data variables.product.prodname_oauth_app %}s |
| ----- | ----------- |
-| A GitHub App can request an installation access token by using a private key with a JSON web token format out-of-band. | An OAuth app can exchange a request token for an access token after a redirect via a web request. |
+| A GitHub App can request an installation access token by using a private key with a JSON web token format out-of-band. | An {% data variables.product.prodname_oauth_app %} can exchange a request token for an access token after a redirect via a web request. |
| An installation token identifies the app as the GitHub Apps bot, such as @jenkins-bot. | An access token identifies the app as the user who granted the token to the app, such as @octocat. |
| Installation access tokens expire after a predefined amount of time (currently 1 hour). | OAuth tokens remain active until they're revoked by the customer. |
| {% data variables.product.prodname_github_apps %} installed on organizations or repositories are subject to rate limits that scale with the number of installations. For more information, see "[AUTOTITLE](/apps/creating-github-apps/setting-up-a-github-app/rate-limits-for-github-apps)." | OAuth tokens use the user's rate limit of {% ifversion fpt or ghec or ghes %}5,000{% elsif ghae %}15,000{% endif %} requests per hour. |
-| Rate limit increases can be granted both at the GitHub Apps level (affecting all installations) and at the individual installation level. | Rate limit increases are granted per OAuth App. Every token granted to that OAuth App gets the increased limit. |
+| Rate limit increases can be granted both at the GitHub Apps level (affecting all installations) and at the individual installation level. | Rate limit increases are granted per {% data variables.product.prodname_oauth_app %}. Every token granted to that {% data variables.product.prodname_oauth_app %} gets the increased limit. |
| {% data variables.product.prodname_github_apps %} can authenticate on behalf of the user. The flow to authorize is the same as the {% data variables.product.prodname_oauth_app %} authorization flow. User access tokens can expire and be renewed with a refresh token. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/refreshing-user-access-tokens)" and "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/identifying-and-authorizing-users-for-github-apps)." | The OAuth flow used by {% data variables.product.prodname_oauth_apps %} authorizes an {% data variables.product.prodname_oauth_app %} on behalf of the user. This is the same flow used to generate a {% data variables.product.prodname_github_app %} user access token. |
## Requesting permission levels for resources
-Unlike OAuth apps, GitHub Apps have targeted permissions that allow them to request access only to what they need. For example, a Continuous Integration (CI) GitHub App can request read access to repository content and write access to the status API. Another GitHub App can have no read or write access to code but still have the ability to manage issues, labels, and milestones. OAuth Apps can't use granular permissions.
+Unlike {% data variables.product.prodname_oauth_app %}s, GitHub Apps have targeted permissions that allow them to request access only to what they need. For example, a Continuous Integration (CI) GitHub App can request read access to repository content and write access to the status API. Another GitHub App can have no read or write access to code but still have the ability to manage issues, labels, and milestones. {% data variables.product.prodname_oauth_app %}s can't use granular permissions.
{% rowheaders %}
-| Access | GitHub Apps (`read` or `write` permissions) | OAuth Apps |
+| Access | GitHub Apps (`read` or `write` permissions) | {% data variables.product.prodname_oauth_app %}s |
| ------ | ----- | ----------- |
| **For access to public repositories** | Public repository needs to be chosen during installation. | `public_repo` scope. |
| **For access to repository code/contents** | Repository contents | `repo` scope. |
@@ -108,24 +108,24 @@ Unlike OAuth apps, GitHub Apps have targeted permissions that allow them to requ
## Repository discovery
-| GitHub Apps | OAuth Apps |
+| GitHub Apps | {% data variables.product.prodname_oauth_app %}s |
| ----- | ----------- |
-| GitHub Apps can look at `/installation/repositories` to see repositories the installation can access. | OAuth Apps can look at `/user/repos` for a user view or `/orgs/:org/repos` for an organization view of accessible repositories. |
-| GitHub Apps receive webhooks when repositories are added or removed from the installation. | OAuth Apps create organization webhooks for notifications when a new repository is created within an organization. |
+| GitHub Apps can look at `/installation/repositories` to see repositories the installation can access. | {% data variables.product.prodname_oauth_app %}s can look at `/user/repos` for a user view or `/orgs/:org/repos` for an organization view of accessible repositories. |
+| GitHub Apps receive webhooks when repositories are added or removed from the installation. | {% data variables.product.prodname_oauth_app %}s create organization webhooks for notifications when a new repository is created within an organization. |
## Webhooks
-| GitHub Apps | OAuth Apps |
+| GitHub Apps | {% data variables.product.prodname_oauth_app %}s |
| ----- | ----------- |
-| By default, GitHub Apps have a single webhook that receives the events they are configured to receive for every repository they have access to. | OAuth Apps request the webhook scope to create a repository webhook for each repository they need to receive events from. |
-| GitHub Apps receive certain organization-level events with the organization member's permission. | OAuth Apps request the organization webhook scope to create an organization webhook for each organization they need to receive organization-level events from. |
-| Webhooks are automatically disabled when the GitHub App is uninstalled. | Webhooks are not automatically disabled if an OAuth App's access token is deleted, and there is no way to clean them up automatically. You will have to ask users to do this manually.|
+| By default, GitHub Apps have a single webhook that receives the events they are configured to receive for every repository they have access to. | {% data variables.product.prodname_oauth_app %}s request the webhook scope to create a repository webhook for each repository they need to receive events from. |
+| GitHub Apps receive certain organization-level events with the organization member's permission. | {% data variables.product.prodname_oauth_app %}s request the organization webhook scope to create an organization webhook for each organization they need to receive organization-level events from. |
+| Webhooks are automatically disabled when the GitHub App is uninstalled. | Webhooks are not automatically disabled if an {% data variables.product.prodname_oauth_app %}'s access token is deleted, and there is no way to clean them up automatically. You will have to ask users to do this manually.|
## Git access
-| GitHub Apps | OAuth Apps |
+| GitHub Apps | {% data variables.product.prodname_oauth_app %}s |
| ----- | ----------- |
-| GitHub Apps ask for repository contents permission and use your installation access token to authenticate via HTTP-based Git. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/generating-an-installation-access-token-for-a-github-app)"| OAuth Apps ask for `write:public_key` scope and [Create a deploy key](/rest/deployments#create-a-deploy-key) via the API. You can then use that key to perform Git commands. |
+| GitHub Apps ask for repository contents permission and use your installation access token to authenticate via HTTP-based Git. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/generating-an-installation-access-token-for-a-github-app)"| {% data variables.product.prodname_oauth_app %}s ask for `write:public_key` scope and [Create a deploy key](/rest/deployments#create-a-deploy-key) via the API. You can then use that key to perform Git commands. |
| The token is used as the HTTP password. | The token is used as the HTTP username. |
## Machine vs. bot accounts
@@ -134,7 +134,7 @@ Machine user accounts are OAuth-based personal accounts that segregate automated
Bot accounts are specific to GitHub Apps and are built into every GitHub App.
-| GitHub Apps | OAuth Apps |
+| GitHub Apps | {% data variables.product.prodname_oauth_app %}s |
| ----- | ----------- |
| GitHub App bots do not consume a {% data variables.product.prodname_enterprise %} seat. | A machine user account consumes a {% data variables.product.prodname_enterprise %} seat. |
| Because a GitHub App bot is never granted a password, a customer can't sign into it directly. | A machine user account is granted a username and password to be managed and secured by the customer. |
diff --git a/content/apps/oauth-apps/building-oauth-apps/index.md b/content/apps/oauth-apps/building-oauth-apps/index.md
index 03c203c64c9c..6864f87f4796 100644
--- a/content/apps/oauth-apps/building-oauth-apps/index.md
+++ b/content/apps/oauth-apps/building-oauth-apps/index.md
@@ -1,6 +1,6 @@
---
-title: Building OAuth Apps
-intro: You can build OAuth Apps for yourself or others to use. Learn how to register and set up permissions and authorization options for OAuth Apps.
+title: Building OAuth apps
+intro: You can build {% data variables.product.prodname_oauth_app %}s for yourself or others to use. Learn how to register and set up permissions and authorization options for {% data variables.product.prodname_oauth_app %}s.
redirect_from:
- /apps/building-integrations/setting-up-and-registering-oauth-apps
- /apps/building-oauth-apps
@@ -11,7 +11,7 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
children:
- /differences-between-github-apps-and-oauth-apps
- /rate-limits-for-oauth-apps
diff --git a/content/apps/oauth-apps/building-oauth-apps/rate-limits-for-oauth-apps.md b/content/apps/oauth-apps/building-oauth-apps/rate-limits-for-oauth-apps.md
index 299268725656..4f68eb1ab225 100644
--- a/content/apps/oauth-apps/building-oauth-apps/rate-limits-for-oauth-apps.md
+++ b/content/apps/oauth-apps/building-oauth-apps/rate-limits-for-oauth-apps.md
@@ -1,5 +1,5 @@
---
-title: Rate limits for OAuth Apps
+title: Rate limits for OAuth apps
intro: '{% data reusables.shortdesc.rate_limits_apps %}'
versions:
fpt: '*'
@@ -7,7 +7,7 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
shortTitle: Rate limits
---
diff --git a/content/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps.md b/content/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps.md
index c8acb8256630..712d96c77419 100644
--- a/content/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps.md
+++ b/content/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps.md
@@ -1,5 +1,5 @@
---
-title: Scopes for OAuth Apps
+title: Scopes for OAuth apps
intro: '{% data reusables.shortdesc.understanding_scopes_for_oauth_apps %}'
redirect_from:
- /apps/building-integrations/setting-up-and-registering-oauth-apps/about-scopes-for-oauth-apps
@@ -13,7 +13,7 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
---
{% note %}
@@ -22,7 +22,7 @@ topics:
{% endnote %}
-When setting up an OAuth App on GitHub, requested scopes are displayed to the user on the authorization form.
+When setting up an {% data variables.product.prodname_oauth_app %} on GitHub, requested scopes are displayed to the user on the authorization form.
{% note %}
@@ -65,7 +65,7 @@ Name | Description
**`admin:public_key`** | Fully manage public keys.
`write:public_key`| Create, list, and view details for public keys.
`read:public_key`| List and view details for public keys.
-**`admin:org_hook`** | Grants read, write, ping, and delete access to organization hooks. **Note:** OAuth tokens will only be able to perform these actions on organization hooks which were created by the OAuth App. {% data variables.product.pat_generic_caps %}s will only be able to perform these actions on organization hooks created by a user.
+**`admin:org_hook`** | Grants read, write, ping, and delete access to organization hooks. **Note:** OAuth tokens will only be able to perform these actions on organization hooks which were created by the {% data variables.product.prodname_oauth_app %}. {% data variables.product.pat_generic_caps %}s will only be able to perform these actions on organization hooks created by a user.
**`gist`** | Grants write access to gists.
**`notifications`** | Grants:
* read access to a user's notifications
* mark as read access to threads
* watch and unwatch access to a repository, and
* read, write, and delete access to thread subscriptions.
**`user`** | Grants read/write access to profile info only. Note that this scope includes `user:email` and `user:follow`.
@@ -92,7 +92,7 @@ Name | Description
**`read:audit_log`** | Read audit log data.{% endif %}
{% note %}
-**Note:** Your OAuth App can request the scopes in the initial redirection. You
+**Note:** Your {% data variables.product.prodname_oauth_app %} can request the scopes in the initial redirection. You
can specify multiple scopes by separating them with a space using `%20`:
https://github.com/login/oauth/authorize?
diff --git a/content/apps/oauth-apps/index.md b/content/apps/oauth-apps/index.md
index 78f610742836..0dc7dcf4c480 100644
--- a/content/apps/oauth-apps/index.md
+++ b/content/apps/oauth-apps/index.md
@@ -1,5 +1,5 @@
---
-title: OAuth Apps
+title: OAuth apps
intro: Learn how to build and maintain {% data variables.product.prodname_oauth_apps %}.
versions:
fpt: '*'
@@ -7,7 +7,7 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
children:
- /using-oauth-apps
- /building-oauth-apps
diff --git a/content/apps/oauth-apps/maintaining-oauth-apps/activating-optional-features-for-oauth-apps.md b/content/apps/oauth-apps/maintaining-oauth-apps/activating-optional-features-for-oauth-apps.md
index 987711f4b88a..ae424cbfd473 100644
--- a/content/apps/oauth-apps/maintaining-oauth-apps/activating-optional-features-for-oauth-apps.md
+++ b/content/apps/oauth-apps/maintaining-oauth-apps/activating-optional-features-for-oauth-apps.md
@@ -1,5 +1,5 @@
---
-title: Activating optional features for OAuth Apps
+title: Activating optional features for OAuth apps
intro: 'You can test new optional features for your {% data variables.product.prodname_oauth_apps %}.'
versions:
fpt: '*'
@@ -7,7 +7,7 @@ versions:
ghes: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
shortTitle: Activate optional features
---
{% warning %}
diff --git a/content/apps/oauth-apps/maintaining-oauth-apps/deleting-an-oauth-app.md b/content/apps/oauth-apps/maintaining-oauth-apps/deleting-an-oauth-app.md
index 665496aeb3a0..1337cf86589b 100644
--- a/content/apps/oauth-apps/maintaining-oauth-apps/deleting-an-oauth-app.md
+++ b/content/apps/oauth-apps/maintaining-oauth-apps/deleting-an-oauth-app.md
@@ -1,5 +1,5 @@
---
-title: Deleting an OAuth App
+title: Deleting an OAuth app
intro: '{% data reusables.shortdesc.deleting_oauth_apps %}'
redirect_from:
- /apps/building-integrations/managing-oauth-apps/deleting-an-oauth-app
@@ -12,7 +12,7 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
---
{% data reusables.user-settings.access_settings %}
{% data reusables.user-settings.developer_settings %}
diff --git a/content/apps/oauth-apps/maintaining-oauth-apps/index.md b/content/apps/oauth-apps/maintaining-oauth-apps/index.md
index d2bed54a5b53..60664a1633df 100644
--- a/content/apps/oauth-apps/maintaining-oauth-apps/index.md
+++ b/content/apps/oauth-apps/maintaining-oauth-apps/index.md
@@ -1,6 +1,6 @@
---
-title: Maintaining OAuth Apps
-intro: 'After you create and register an OAuth App, you can make modifications to the app, change permissions, transfer ownership, and delete the app.'
+title: Maintaining OAuth apps
+intro: 'After you create and register an {% data variables.product.prodname_oauth_app %}, you can make modifications to the app, change permissions, transfer ownership, and delete the app.'
redirect_from:
- /apps/building-integrations/managing-oauth-apps
- /apps/managing-oauth-apps
@@ -11,7 +11,7 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
children:
- /modifying-an-oauth-app
- /activating-optional-features-for-oauth-apps
diff --git a/content/apps/oauth-apps/maintaining-oauth-apps/modifying-an-oauth-app.md b/content/apps/oauth-apps/maintaining-oauth-apps/modifying-an-oauth-app.md
index 2d0bb8b7efee..9ddc6cd19bec 100644
--- a/content/apps/oauth-apps/maintaining-oauth-apps/modifying-an-oauth-app.md
+++ b/content/apps/oauth-apps/maintaining-oauth-apps/modifying-an-oauth-app.md
@@ -1,5 +1,5 @@
---
-title: Modifying an OAuth App
+title: Modifying an OAuth app
intro: '{% data reusables.shortdesc.modifying_oauth_apps %}'
redirect_from:
- /apps/building-integrations/managing-oauth-apps/modifying-an-oauth-app
@@ -12,7 +12,7 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
---
{% data reusables.user-settings.access_settings %}
{% data reusables.user-settings.developer_settings %}
diff --git a/content/apps/oauth-apps/maintaining-oauth-apps/transferring-ownership-of-an-oauth-app.md b/content/apps/oauth-apps/maintaining-oauth-apps/transferring-ownership-of-an-oauth-app.md
index fd7036b9b747..f9d778572084 100644
--- a/content/apps/oauth-apps/maintaining-oauth-apps/transferring-ownership-of-an-oauth-app.md
+++ b/content/apps/oauth-apps/maintaining-oauth-apps/transferring-ownership-of-an-oauth-app.md
@@ -1,5 +1,5 @@
---
-title: Transferring ownership of an OAuth App
+title: Transferring ownership of an OAuth app
intro: '{% data reusables.shortdesc.transferring_ownership_of_oauth_apps %}'
redirect_from:
- /apps/building-integrations/managing-oauth-apps/transferring-ownership-of-an-oauth-app
@@ -12,7 +12,7 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
shortTitle: Transfer ownership
---
{% data reusables.user-settings.access_settings %}
diff --git a/content/apps/oauth-apps/maintaining-oauth-apps/troubleshooting-authorization-request-errors.md b/content/apps/oauth-apps/maintaining-oauth-apps/troubleshooting-authorization-request-errors.md
index 62cd14429aba..356447a48e72 100644
--- a/content/apps/oauth-apps/maintaining-oauth-apps/troubleshooting-authorization-request-errors.md
+++ b/content/apps/oauth-apps/maintaining-oauth-apps/troubleshooting-authorization-request-errors.md
@@ -17,7 +17,7 @@ shortTitle: Troubleshoot authorization
---
## Application suspended
-If the OAuth App you set up has been suspended (due to reported abuse, spam, or a mis-use of the API), GitHub will redirect to the registered callback URL using the following parameters to summarize the error:
+If the {% data variables.product.prodname_oauth_app %} you set up has been suspended (due to reported abuse, spam, or a mis-use of the API), GitHub will redirect to the registered callback URL using the following parameters to summarize the error:
http://your-application.com/callback?error=application_suspended
&error_description=Your+application+has+been+suspended.+Contact+support@github.com.
diff --git a/content/apps/oauth-apps/maintaining-oauth-apps/troubleshooting-oauth-app-access-token-request-errors.md b/content/apps/oauth-apps/maintaining-oauth-apps/troubleshooting-oauth-app-access-token-request-errors.md
index 9b0907b79471..8a8a2053c4d7 100644
--- a/content/apps/oauth-apps/maintaining-oauth-apps/troubleshooting-oauth-app-access-token-request-errors.md
+++ b/content/apps/oauth-apps/maintaining-oauth-apps/troubleshooting-oauth-app-access-token-request-errors.md
@@ -1,5 +1,5 @@
---
-title: Troubleshooting OAuth App access token request errors
+title: Troubleshooting OAuth app access token request errors
intro: '{% data reusables.shortdesc.troubleshooting_access_token_reques_errors_oauth_apps %}'
redirect_from:
- /apps/building-integrations/managing-oauth-apps/troubleshooting-oauth-app-access-token-request-errors
@@ -12,7 +12,7 @@ versions:
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
shortTitle: Troubleshoot token request
---
{% note %}
diff --git a/content/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps.md b/content/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps.md
index eaf2ed464a65..f54c2d3d1a5f 100644
--- a/content/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps.md
+++ b/content/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps.md
@@ -1,5 +1,5 @@
---
-title: Authorizing OAuth Apps
+title: Authorizing OAuth apps
intro: 'You can connect your {% data variables.product.product_name %} identity to third-party applications using OAuth. When authorizing an {% data variables.product.prodname_oauth_app %}, you should ensure you trust the application, review who it''s developed by, and review the kinds of information the application wants to access.'
redirect_from:
- /articles/authorizing-oauth-apps
diff --git a/content/apps/oauth-apps/using-oauth-apps/index.md b/content/apps/oauth-apps/using-oauth-apps/index.md
index bd0d63cdc682..eb15b40c3d7b 100644
--- a/content/apps/oauth-apps/using-oauth-apps/index.md
+++ b/content/apps/oauth-apps/using-oauth-apps/index.md
@@ -1,18 +1,18 @@
---
-title: Using OAuth Apps
-intro: 'You can authorize third-party OAuth Applications, and review the OAuth applications you authorized.'
+title: Using OAuth apps
+intro: 'You can authorize third-party {% data variables.product.prodname_oauth_app %}s, and review the {% data variables.product.prodname_oauth_app %}s you authorized.'
versions:
fpt: '*'
ghes: '*'
ghae: '*'
ghec: '*'
topics:
- - OAuth Apps
+ - OAuth apps
children:
- /installing-an-oauth-app-in-your-personal-account
- /installing-an-oauth-app-in-your-organization
- /authorizing-oauth-apps
- - /reviewing-your-authorized-oauth-applications
+ - /reviewing-your-authorized-oauth-apps
- /connecting-with-third-party-applications
---
diff --git a/content/apps/oauth-apps/using-oauth-apps/installing-an-oauth-app-in-your-organization.md b/content/apps/oauth-apps/using-oauth-apps/installing-an-oauth-app-in-your-organization.md
index e59162f57a06..4878adcd4184 100644
--- a/content/apps/oauth-apps/using-oauth-apps/installing-an-oauth-app-in-your-organization.md
+++ b/content/apps/oauth-apps/using-oauth-apps/installing-an-oauth-app-in-your-organization.md
@@ -1,5 +1,5 @@
---
-title: Installing an OAuth App in your organization
+title: Installing an OAuth app in your organization
intro: 'You can install {% data variables.product.prodname_oauth_apps %} from {% data variables.product.prodname_marketplace %} to use in your organization.'
versions:
fpt: '*'
diff --git a/content/apps/oauth-apps/using-oauth-apps/installing-an-oauth-app-in-your-personal-account.md b/content/apps/oauth-apps/using-oauth-apps/installing-an-oauth-app-in-your-personal-account.md
index 8bb55a88b455..5fb660e8b933 100644
--- a/content/apps/oauth-apps/using-oauth-apps/installing-an-oauth-app-in-your-personal-account.md
+++ b/content/apps/oauth-apps/using-oauth-apps/installing-an-oauth-app-in-your-personal-account.md
@@ -1,5 +1,5 @@
---
-title: Installing an OAuth App in your personal account
+title: Installing an OAuth app in your personal account
intro: 'You can install {% data variables.product.prodname_oauth_apps %} from {% data variables.product.prodname_marketplace %} to use in your personal account.'
versions:
fpt: '*'
diff --git a/content/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-applications.md b/content/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-apps.md
similarity index 90%
rename from content/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-applications.md
rename to content/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-apps.md
index 525a9c7ed943..c3bbae25794e 100644
--- a/content/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-applications.md
+++ b/content/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-apps.md
@@ -1,5 +1,5 @@
---
-title: Reviewing your authorized OAuth applications
+title: Reviewing your authorized OAuth apps
intro: 'You should review your authorized applications to verify that no new applications with expansive permissions are authorized, such as those that have access to your private repositories.'
redirect_from:
- /articles/reviewing-your-authorized-applications-oauth
@@ -7,6 +7,7 @@ redirect_from:
- /github/authenticating-to-github/keeping-your-account-and-data-secure/reviewing-your-authorized-applications-oauth
- /authentication/keeping-your-account-and-data-secure/reviewing-your-authorized-applications-oauth
- /apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-applications-oauth
+ - /apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-applications
versions:
fpt: '*'
ghes: '*'
diff --git a/content/apps/overview.md b/content/apps/overview.md
index ddcc97229931..b9f002be3f85 100644
--- a/content/apps/overview.md
+++ b/content/apps/overview.md
@@ -21,6 +21,6 @@ For more information about using {% data variables.product.prodname_github_app %
For more information about building {% data variables.product.prodname_github_app %}s, see "[AUTOTITLE](/apps/creating-github-apps/setting-up-a-github-app/about-creating-github-apps)."
-## {% data variables.product.prodname_github_app %}s and OAuth Apps
+## {% data variables.product.prodname_github_app %}s and {% data variables.product.prodname_oauth_apps %}
-{% data variables.product.company_short %} also supports OAuth Apps. In general, {% data variables.product.prodname_github_app %}s are preferred over {% data variables.product.prodname_oauth_app %}s. {% data variables.product.prodname_github_app %}s use fine-grained permissions, give the user more control over which repositories the app can access, and use short-lived tokens. These properties can harden the security of the app by limiting the damage that could be done if the app's credentials were leaked. For more information, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps)."
+{% data variables.product.company_short %} also supports {% data variables.product.prodname_oauth_apps %}. In general, {% data variables.product.prodname_github_app %}s are preferred over {% data variables.product.prodname_oauth_apps %}. {% data variables.product.prodname_github_app %}s use fine-grained permissions, give the user more control over which repositories the app can access, and use short-lived tokens. These properties can harden the security of the app by limiting the damage that could be done if the app's credentials were leaked. For more information, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps)."
diff --git a/content/apps/publishing-apps-to-github-marketplace/using-the-github-marketplace-api-in-your-app/handling-plan-cancellations.md b/content/apps/publishing-apps-to-github-marketplace/using-the-github-marketplace-api-in-your-app/handling-plan-cancellations.md
index 0d0ddb191ff0..56461540e3f6 100644
--- a/content/apps/publishing-apps-to-github-marketplace/using-the-github-marketplace-api-in-your-app/handling-plan-cancellations.md
+++ b/content/apps/publishing-apps-to-github-marketplace/using-the-github-marketplace-api-in-your-app/handling-plan-cancellations.md
@@ -29,7 +29,7 @@ When a customer cancels a free or paid plan, your app must perform these steps t
1. Deactivate the account of the customer who canceled their plan.
1. Revoke the OAuth token your app received for the customer.
-1. If your app is an OAuth App, remove all webhooks your app created for repositories.
+1. If your app is an {% data variables.product.prodname_oauth_app %}, remove all webhooks your app created for repositories.
1. Remove all customer data within 30 days of receiving the `cancelled` event.
{% note %}
diff --git a/content/apps/publishing-apps-to-github-marketplace/using-the-github-marketplace-api-in-your-app/rest-endpoints-for-the-github-marketplace-api.md b/content/apps/publishing-apps-to-github-marketplace/using-the-github-marketplace-api-in-your-app/rest-endpoints-for-the-github-marketplace-api.md
index dcb0f62cf9c9..82289433c435 100644
--- a/content/apps/publishing-apps-to-github-marketplace/using-the-github-marketplace-api-in-your-app/rest-endpoints-for-the-github-marketplace-api.md
+++ b/content/apps/publishing-apps-to-github-marketplace/using-the-github-marketplace-api-in-your-app/rest-endpoints-for-the-github-marketplace-api.md
@@ -26,8 +26,8 @@ Here are some useful endpoints available for Marketplace listings:
See these pages for details on how to authenticate when using the {% data variables.product.prodname_marketplace %} API:
-- [Authorization options for OAuth Apps](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps)
-- [Authentication options for GitHub Apps](/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app)
+- [Authorization options for {% data variables.product.prodname_oauth_apps %}](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps)
+- [Authentication options for {% data variables.product.prodname_github_apps %}](/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app)
{% note %}
diff --git a/content/apps/using-github-apps/about-using-github-apps.md b/content/apps/using-github-apps/about-using-github-apps.md
index c952f91c134d..6666af8c1d17 100644
--- a/content/apps/using-github-apps/about-using-github-apps.md
+++ b/content/apps/using-github-apps/about-using-github-apps.md
@@ -32,7 +32,7 @@ Occasionally, the {% data variables.product.prodname_github_app %} will request
Before you install or authorize a {% data variables.product.prodname_github_app %}, you should make sure that you trust the app developer. If you no longer use the app, you should suspend or uninstall the app and/or revoke your authorization of the app. For more information, see "[AUTOTITLE](/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access)" and "[AUTOTITLE](/apps/using-github-apps/reviewing-your-authorized-integrations)."
-## {% data variables.product.prodname_github_app %}s and OAuth Apps
+## {% data variables.product.prodname_github_app %}s and {% data variables.product.prodname_oauth_app %}s
{% data variables.product.company_short %} also supports {% data variables.product.prodname_oauth_app %}s. Unlike {% data variables.product.prodname_github_app %}s, you do not install an {% data variables.product.prodname_oauth_app %} or control what repositories it can access.
diff --git a/content/authentication/keeping-your-account-and-data-secure/token-expiration-and-revocation.md b/content/authentication/keeping-your-account-and-data-secure/token-expiration-and-revocation.md
index de4b8e1d2bad..2c29c48efc75 100644
--- a/content/authentication/keeping-your-account-and-data-secure/token-expiration-and-revocation.md
+++ b/content/authentication/keeping-your-account-and-data-secure/token-expiration-and-revocation.md
@@ -49,9 +49,9 @@ Once an authorization is revoked, any tokens associated with the authorization w
## Token revoked by the {% data variables.product.prodname_oauth_app %}
-The owner of an {% data variables.product.prodname_oauth_app %} can revoke an account's authorization of their app, this will also revoke any tokens associated with the authorization. For more information about revoking authorizations of your OAuth app, see "[AUTOTITLE](/rest/apps#delete-an-app-authorization)."
+The owner of an {% data variables.product.prodname_oauth_app %} can revoke an account's authorization of their app, this will also revoke any tokens associated with the authorization. For more information about revoking authorizations of your {% data variables.product.prodname_oauth_app %}, see "[AUTOTITLE](/rest/apps#delete-an-app-authorization)."
-{% data variables.product.prodname_oauth_app %} owners can also revoke individual tokens associated with an authorization. For more information about revoking individual tokens for your OAuth app, see "[AUTOTITLE](/rest/apps/oauth-applications#delete-an-app-token)".
+{% data variables.product.prodname_oauth_app %} owners can also revoke individual tokens associated with an authorization. For more information about revoking individual tokens for your {% data variables.product.prodname_oauth_app %}, see "[AUTOTITLE](/rest/apps/oauth-applications#delete-an-app-token)".
## Token revoked due to excess of tokens for an {% data variables.product.prodname_oauth_app %} with the same scope
diff --git a/content/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials.md b/content/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials.md
index af1b8ba98fe9..bdf3fcf28c6e 100644
--- a/content/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials.md
+++ b/content/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials.md
@@ -64,7 +64,7 @@ See "[AUTOTITLE](/apps/using-github-apps/reviewing-your-authorized-integrations)
{% ifversion not ghae %}
-If you have reset your account password and would also like to trigger a sign-out from the {% data variables.product.prodname_mobile %} app, you can revoke your authorization of the "GitHub iOS" or "GitHub Android" OAuth App. This will sign out all instances of the {% data variables.product.prodname_mobile %} app associated with your account. For additional information, see "[AUTOTITLE](/apps/using-github-apps/reviewing-your-authorized-integrations)."
+If you have reset your account password and would also like to trigger a sign-out from the {% data variables.product.prodname_mobile %} app, you can revoke your authorization of the "GitHub iOS" or "GitHub Android" {% data variables.product.prodname_oauth_app %}. This will sign out all instances of the {% data variables.product.prodname_mobile %} app associated with your account. For additional information, see "[AUTOTITLE](/apps/using-github-apps/reviewing-your-authorized-integrations)."
{% endif %}
diff --git a/content/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database.md b/content/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database.md
index 09c5aa77d0cb..7a32ad2b2b0c 100644
--- a/content/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database.md
+++ b/content/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database.md
@@ -51,7 +51,8 @@ Generally, we name our supported ecosystems after the software programming langu
- pip (registry: https://pypi.org/){% ifversion dependency-graph-dart-support %}
- pub (registry: https://pub.dev/packages/registry){% endif %}
- RubyGems (registry: https://rubygems.org/)
-- Rust (registry: https://crates.io/)
+- Rust (registry: https://crates.io/){% ifversion supply-chain-features-swift-support %}
+- Swift (registry: N/A){% endif %}
If you have a suggestion for a new ecosystem we should support, please open an [issue](https://github.com/github/advisory-database/issues) for discussion.
diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md
index 6760ca6b00b1..b2b97b117db9 100644
--- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md
+++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph.md
@@ -95,6 +95,9 @@ The recommended formats explicitly define which versions are used for all direct
{%- endif %}
| Python Poetry | Python | `poetry.lock` | `poetry.lock`, `pyproject.toml` |
| RubyGems | Ruby | `Gemfile.lock` | `Gemfile.lock`, `Gemfile`, `*.gemspec` |
+{%- ifversion supply-chain-features-swift-support %}
+| Swift Package Manager | Swift | `Package.resolved` | `Package.resolved` |
+{%- endif %}
| Yarn | JavaScript | `yarn.lock` | `package.json`, `yarn.lock` |
{% note %}
diff --git a/content/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide/integrate-github-classroom-with-an-ide.md b/content/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide/integrate-github-classroom-with-an-ide.md
index b72a5842d76b..f2ec5620fdb5 100644
--- a/content/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide/integrate-github-classroom-with-an-ide.md
+++ b/content/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide/integrate-github-classroom-with-an-ide.md
@@ -36,9 +36,9 @@ You can choose the IDE you'd like to use for an assignment when you create an as
The first time you configure an assignment using a different IDE, you must ensure that it is set up correctly.
-Unless you use {% data variables.product.prodname_github_codespaces %}, you must authorize the OAuth app for the IDE for your organization. For all repositories, grant the app **read** access to metadata, administration, and code, and **write** access to administration and code. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."
+Unless you use {% data variables.product.prodname_github_codespaces %}, you must authorize the {% data variables.product.prodname_oauth_app %} for the IDE for your organization. For all repositories, grant the app **read** access to metadata, administration, and code, and **write** access to administration and code. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."
-{% data variables.product.prodname_github_codespaces %} does not require an OAuth app, but you need to enable {% data variables.product.prodname_github_codespaces %} for your organization to be able to configure an assignment with {% data variables.product.prodname_github_codespaces %}. For more information, see "[AUTOTITLE](/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide/using-github-codespaces-with-github-classroom#enabling-codespaces-for-your-organization)."
+{% data variables.product.prodname_github_codespaces %} does not require an {% data variables.product.prodname_oauth_app %}, but you need to enable {% data variables.product.prodname_github_codespaces %} for your organization to be able to configure an assignment with {% data variables.product.prodname_github_codespaces %}. For more information, see "[AUTOTITLE](/education/manage-coursework-with-github-classroom/integrate-github-classroom-with-an-ide/using-github-codespaces-with-github-classroom#enabling-codespaces-for-your-organization)."
## Further reading
diff --git a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/manage-classrooms.md b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/manage-classrooms.md
index cad5c18a2894..86df0dfe3e2e 100644
--- a/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/manage-classrooms.md
+++ b/content/education/manage-coursework-with-github-classroom/teach-with-github-classroom/manage-classrooms.md
@@ -37,7 +37,7 @@ When you first share the URL for an assignment with a student, the student must
You must have an organization account on {% data variables.product.product_name %} to manage classrooms on {% data variables.product.prodname_classroom %}. For more information, see "[AUTOTITLE](/get-started/learning-about-github/types-of-github-accounts#organization-accounts)" and "[AUTOTITLE](/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch)."
-You must authorize the OAuth app for {% data variables.product.prodname_classroom %} for your organization to manage classrooms for your organization account. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."
+You must authorize the {% data variables.product.prodname_oauth_app %} for {% data variables.product.prodname_classroom %} for your organization to manage classrooms for your organization account. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."
## Creating a classroom
diff --git a/content/get-started/learning-about-github/github-language-support.md b/content/get-started/learning-about-github/github-language-support.md
index d8595a28a603..7ce395c70c5a 100644
--- a/content/get-started/learning-about-github/github-language-support.md
+++ b/content/get-started/learning-about-github/github-language-support.md
@@ -37,7 +37,7 @@ Some features are supported for additional languages or package managers. If you
{% data reusables.supported-languages.python %}
{% data reusables.supported-languages.ruby %}
{% data reusables.supported-languages.scala %}
-{%- ifversion codeql-swift-beta %}
+{%- ifversion codeql-swift-beta or supply-chain-features-swift-support %}
{% data reusables.supported-languages.swift %}
{%- endif %}
{% data reusables.supported-languages.typescript %}
diff --git a/content/graphql/guides/using-the-graphql-api-for-discussions.md b/content/graphql/guides/using-the-graphql-api-for-discussions.md
index 0742e60b7ae7..996078c06780 100644
--- a/content/graphql/guides/using-the-graphql-api-for-discussions.md
+++ b/content/graphql/guides/using-the-graphql-api-for-discussions.md
@@ -8,7 +8,7 @@ shortTitle: Use GraphQL for Discussions
The {% data variables.product.prodname_discussions %} GraphQL API allows you to get, create, edit, and delete discussion posts. For more information about {% data variables.product.prodname_discussions %}, see "[AUTOTITLE](/discussions/collaborating-with-your-community-using-discussions/about-discussions)."
-This API is available for authenticated users, OAuth Apps, and GitHub Apps. Access tokens require the `repo` scope for private repositories and the `public_repo` scope for public repositories. For more information, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps)."
+This API is available for authenticated users, {% data variables.product.prodname_oauth_app %}s, and GitHub Apps. Access tokens require the `repo` scope for private repositories and the `public_repo` scope for public repositories. For more information, see "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps)."
## Fields
diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md
index 11b15edfd4ab..41cc5700747f 100644
--- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md
+++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md
@@ -65,7 +65,7 @@ To search for specific events, use the `action` qualifier in your query. Actions
| `org_credential_authorization` | Contains all activities related to authorizing credentials for use with SAML single sign-on.{% endif %}{% ifversion secret-scanning-audit-log-custom-patterns %}
| `org_secret_scanning_custom_pattern` | Contains organization-level activities related to {% data variables.product.prodname_secret_scanning %} custom patterns. For more information, see "[AUTOTITLE](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)." {% endif %}
| `organization_default_label` | Contains all activities related to default labels for repositories in your organization.
-| `oauth_application` | Contains all activities related to OAuth Apps.
+| `oauth_application` | Contains all activities related to {% data variables.product.prodname_oauth_app %}s.
| `packages` | Contains all activities related to {% data variables.product.prodname_registry %}.{% ifversion fpt or ghec %}
| `payment_method` | Contains all activities related to how your organization pays for GitHub.{% endif %}{% ifversion pat-v2%}
| `personal_access_token` | Contains activities related to {% data variables.product.pat_v2 %}s in your organization. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)."{% endif %}
diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md b/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md
index b8cceae5a112..27ac8308a6bc 100644
--- a/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md
+++ b/content/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions.md
@@ -1,5 +1,5 @@
---
-title: About OAuth App access restrictions
+title: About OAuth app access restrictions
intro: 'Organizations can choose which {% data variables.product.prodname_oauth_apps %} have access to their repositories and other resources by enabling {% data variables.product.prodname_oauth_app %} access restrictions.'
redirect_from:
- /articles/about-third-party-application-restrictions
@@ -12,10 +12,10 @@ versions:
topics:
- Organizations
- Teams
-shortTitle: OAuth App restrictions
+shortTitle: '{% data variables.product.prodname_oauth_app %} restrictions'
---
-## About OAuth App access restrictions
+## About {% data variables.product.prodname_oauth_app %} access restrictions
{% data reusables.apps.oauth-app-access-restrictions %}
diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md b/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md
index 777145ab751c..e0285e06368a 100644
--- a/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md
+++ b/content/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization.md
@@ -1,5 +1,5 @@
---
-title: Approving OAuth Apps for your organization
+title: Approving OAuth apps for your organization
intro: 'When an organization member or outside collaborator requests {% data variables.product.prodname_oauth_app %} access to organization resources, organization owners can approve or deny the request.'
redirect_from:
- /articles/approving-third-party-applications-for-your-organization
@@ -12,7 +12,7 @@ versions:
topics:
- Organizations
- Teams
-shortTitle: Approve OAuth App access
+shortTitle: Approve {% data variables.product.prodname_oauth_app %} access
---
When {% data variables.product.prodname_oauth_app %} access restrictions are enabled, organization members and outside collaborators must [request approval](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-membership-in-organizations/requesting-organization-approval-for-oauth-apps) from an organization owner before they can authorize an {% data variables.product.prodname_oauth_app %} that has access to the organization's resources.
diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization.md b/content/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization.md
index a4ed7eadfb5e..3926e40b639b 100644
--- a/content/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization.md
+++ b/content/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization.md
@@ -1,5 +1,5 @@
---
-title: Denying access to a previously approved OAuth App for your organization
+title: Denying access to a previously approved OAuth app for your organization
intro: 'If an organization no longer requires a previously authorized {% data variables.product.prodname_oauth_app %}, owners can remove the application''s access to the organization''s resources.'
redirect_from:
- /articles/denying-access-to-a-previously-approved-application-for-your-organization
@@ -12,7 +12,7 @@ versions:
topics:
- Organizations
- Teams
-shortTitle: Deny OAuth App access
+shortTitle: Deny {% data variables.product.prodname_oauth_app %} access
---
{% data reusables.profile.access_org %}
diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization.md b/content/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization.md
index 37594d35326a..bbccc8c419eb 100644
--- a/content/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization.md
+++ b/content/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization.md
@@ -1,5 +1,5 @@
---
-title: Disabling OAuth App access restrictions for your organization
+title: Disabling OAuth app access restrictions for your organization
intro: 'Organization owners can disable restrictions on the {% data variables.product.prodname_oauth_apps %} that have access to the organization''s resources.'
redirect_from:
- /articles/disabling-third-party-application-restrictions-for-your-organization
@@ -12,7 +12,7 @@ versions:
topics:
- Organizations
- Teams
-shortTitle: Unrestrict OAuth Apps
+shortTitle: Unrestrict {% data variables.product.prodname_oauth_app %}s
---
{% danger %}
diff --git a/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md b/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md
index 912768fe356e..d5b16b5074db 100644
--- a/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md
+++ b/content/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization.md
@@ -1,5 +1,5 @@
---
-title: Enabling OAuth App access restrictions for your organization
+title: Enabling OAuth app access restrictions for your organization
intro: 'Organization owners can enable {% data variables.product.prodname_oauth_app %} access restrictions to prevent untrusted apps from accessing the organization''s resources while allowing organization members to use {% data variables.product.prodname_oauth_apps %} for their personal accounts.'
redirect_from:
- /articles/enabling-third-party-application-restrictions-for-your-organization
@@ -12,7 +12,7 @@ versions:
topics:
- Organizations
- Teams
-shortTitle: Restrict OAuth Apps
+shortTitle: Restrict {% data variables.product.prodname_oauth_app %}s
---
{% data reusables.organizations.oauth_app_restrictions_default %}
diff --git a/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md b/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md
index f1b1da1856a5..cd17437be8cc 100644
--- a/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md
+++ b/content/organizations/managing-programmatic-access-to-your-organization/about-programmatic-access-in-your-organization.md
@@ -5,7 +5,7 @@ permissions: Organization owners can control programmatic access in their organi
topics:
- Organizations
- GitHub Apps
- - OAuth Apps
+ - OAuth apps
- API
shortTitle: About programmatic access
versions:
diff --git a/content/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests.md b/content/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests.md
index a3fbe456514b..4757513c73c7 100644
--- a/content/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests.md
+++ b/content/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests.md
@@ -1,5 +1,5 @@
---
-title: Limiting OAuth App and GitHub App access requests
+title: Limiting OAuth app and GitHub App access requests
intro: 'As an organization owner, you can choose whether to allow outside collaborators to request organization access for {% data variables.product.prodname_oauth_apps %} and {% data variables.product.prodname_github_apps %}.'
versions:
feature: limit-app-access-requests
@@ -7,7 +7,7 @@ permissions: Organization owners can limit who can make app access requests to t
topics:
- Organizations
- GitHub Apps
- - OAuth Apps
+ - OAuth apps
shortTitle: Limit app access requests
redirect_from:
- /organizations/managing-organization-settings/limiting-oauth-app-and-github-app-access-requests
diff --git a/content/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request-with-a-merge-queue.md b/content/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request-with-a-merge-queue.md
index 5573584a1635..75696f952f65 100644
--- a/content/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request-with-a-merge-queue.md
+++ b/content/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request-with-a-merge-queue.md
@@ -103,6 +103,8 @@ You can view the merge queue for a base branch in various places on {% data vari
-## Handling pull requests removed from the merge queue
+## Understanding why your pull request was removed from the merge queue
{% data reusables.pull_requests.merge-queue-reject %}
+
+{% data reusables.pull_requests.merge-queue-removal-reasons %}
diff --git a/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md b/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md
index f057bf2abfca..9d5eb139ac38 100644
--- a/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md
+++ b/content/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue.md
@@ -20,10 +20,9 @@ redirect_from:
{% data reusables.pull_requests.merge-queue-overview %}
-The merge queue creates temporary branches with a special prefix to validate pull request changes. The changes in the pull request are then grouped into a `merge_group` with the latest version of the `base_branch` as well as changes ahead of it in the queue. {% data variables.product.product_name %} will merge all these changes into `base_branch` once the checks required by the branch protections of `base_branch` pass.
+For more information on merging a pull request using a merge queue, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request-with-a-merge-queue)."
-
-For information about merge methods, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges)."
+## Configuring continuous integration (CI) workflows for merge queues
{% note %}
@@ -34,15 +33,13 @@ For information about merge methods, see "[AUTOTITLE](/pull-requests/collaborati
{% endnote %}
-{% data reusables.pull_requests.merge-queue-reject %}
-
### Triggering merge group checks with {% data variables.product.prodname_actions %}
-You can use the `merge_group` event to trigger your {% data variables.product.prodname_actions %} workflow when a pull request is added to a merge queue. Note that this is a different event from the `pull_request` and `push` events.
+You **must** use the `merge_group` event to trigger your {% data variables.product.prodname_actions %} workflow when a pull request is added to a merge queue.
{% note %}
-**Note:** If your repository uses {% data variables.product.prodname_actions %} to perform required checks on pull requests in your repository, you need to update the workflows to include the `merge_group` event as an additional trigger. Otherwise, status checks will not be triggered when you add a pull request to a merge queue. The merge will fail as the required status check will not be reported.
+**Note:** If your repository uses {% data variables.product.prodname_actions %} to perform required checks on pull requests in your repository, you need to update the workflows to include the `merge_group` event as an additional trigger. Otherwise, status checks will not be triggered when you add a pull request to a merge queue. The merge will fail as the required status check will not be reported. The `merge_group` event is separate from the `pull_request` and `push` events.
{% endnote %}
@@ -54,32 +51,93 @@ on:
merge_group:
```
-For more information, see "[AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#merge-group)."
+For more information on the `merge_group` event, see "[AUTOTITLE](/actions/using-workflows/events-that-trigger-workflows#merge_group)."
-### Triggering merge group checks with other CI providers
+### Triggering merge group checks with third-party CI providers
-With other CI providers, you may need to update your CI configuration to run when a branch that begins with the special prefix `gh-readonly-queue/{base_branch}` is created.
+With third-party CI providers, you will need to update your CI configuration to run when a branch that begins with the special prefix `gh-readonly-queue/{base_branch}` is pushed to. These are the temporary branches that are created on your behalf by a merge queue and contain a different `sha` from the pull request.
## Managing a merge queue
Repository administrators can require a merge queue by enabling the branch protection setting "Require merge queue" in the protection rules for the base branch. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule#creating-a-branch-protection-rule)."
-
-Once you have enabled "require merge queue," you can also access the following settings:
+Once you have enabled the "Require merge queue" setting, you can also access the following settings:
- **Merge method**: Select which method to use when merging queued pull requests: merge, rebase, or squash.
-- **Build concurrency**: Select the maximum number of pull requests to build (between 1 and 100). This setting limits the number of queued pull requests that can run CI checks at the same time.
+- **Build concurrency**: The maximum number of `merge_group` webhooks to dispatch (beween `1` and `100`), throttling the total amount of concurrent CI builds. This affects the velocity of merges that a merge queue can complete.
+-
+ **Only merge non-failing pull requests**: This setting determines how a merge queue forms groups of pull requests to be merged.
+
+ | Enabled? | Description |
+ | -------- | ----------- |
+ | Yes | All pull requests must satisfy required checks to be merged. |
+ | No | Pull requests that have failed required checks can be added to a group as long as the last pull request in the group has passed required checks. If the last pull request in the group has passed required checks, this means that the checks have passed for the combined set of changes in the merge group. Leaving this checkbox unselected can be useful if you have intermittent test failures, but don't want false negatives to hold up the queue. |
-- **Merge limits**: Select the minimum and maximum number of pull requests to merge in a single group (between 1 and 100), and a timeout after which the queue should stop waiting for more entries and merge with fewer than the minimum number of pull requests.
+- **Status check timeout**: Choose how long the queue should wait for a response from CI before assuming that checks have failed.
-- **Only merge non-failing pull requests**: This setting determines how the merge queue forms groups of pull requests to be merged.
+-
+ **Merge limits**: Select the minimum and maximum number of pull requests to merge in a single group (between `1` and `100`), and a timeout after which the queue should stop waiting for more entries and merge with fewer than the minimum number of pull requests. Exactly how many PRs are included in a group depends on a merge queue's settings:
- If selected, only pull requests that are passing their required CI checks can be added to a group. This can be useful if you want to maintain a history where every commit is in a good state, or if you run different sets of checks for different pull requests.
+ | Merge Limit | Use Case |
+ | ----------- | -------- |
+ | Maximum pull requests to merge | You can specify a maximum group size, which is useful if merges to your base branch trigger a deployment, and you want to make sure you’re not deploying too many changes at once. |
+ | Minimum pull requests to merge | You can specify a minimum group size, which is useful if merges to your base branch trigger a lengthy CI build or deploy process, and you don’t want to hold up the following entries in the queue. |
+ | Wait time | You can specify a timeout for reaching the minimum group size, which allows smaller groups to merge if there are no more PRs queued within your specified time limit. |
- If unselected, pull requests that have failed required checks can be added to a group as long as the last pull request in the group has passed required checks. If the last pull request in the group has passed required checks, this means that the checks have passed for the combined set of changes in the merge group. Leaving this checkbox unselected can be useful if you have intermittent test failures, but don't want false negatives to hold up the queue.
+## How merge queues work
-- **Status check timeout**: Choose how long the queue should wait for a response from CI before assuming that checks have failed.
+As pull requests are added to the merge queue, the merge queue ensures that they are merged in a first-in-first-out order where the required checks are always satisfied.
+
+A merge queue creates temporary branches with a special prefix to validate pull request changes. When a pull request is added to the merge queue, the changes in the pull request are grouped into a `merge_group` with the latest version of the `base_branch` as well as changes from pull requests ahead of it in the queue. {% data variables.product.product_name %} will merge all these changes into the `base_branch` once the checks required by the branch protections of `base_branch` pass.
+
+For information about merge methods, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges)."
+
+#### Successful CI
+
+When multiple pull requests are added to the merge queue and when the temporary `merge_group` branches have successful CI results, they are both merged. In the following scenario, two pull requests are successfully added to the queue and merged to the target branch.
+
+1. User adds pull request #1 to the merge queue.
+1. The merge queue creates a temporary branch with the prefix of `main/pr-1` that contains code changes from the target branch and pull request #1. A `merge_group` webhook event of type `checks_requested` is dispatched and the merge queue will await a response from your CI provider.
+1. User adds pull request #2 to the merge queue.
+1. The merge queue creates a temporary branch with the prefix of `main/pr-2` that contains code changes from the target branch, pull request #1, and pull request #2, and dispatches webhooks.
+1. When the {% data variables.product.product_name %} API receives successful CI responses for `merge_group` branches `main/pr-1` and `main/pr-2`, the temporary branch `main/pr-2` will be merged in to the target branch. The target branch now contains both changes from pull request #1 and #2.
+
+#### Failing CI
+
+{% data reusables.pull_requests.merge-queue-reject %}
+
+The following scenario outlines what happens when a CI reports a failing status about one pull request.
+
+1. User adds pull request #1 to the merge queue.
+1. The merge queue creates a temporary branch with the prefix of `main/pr-1` that contains code changes from the target branch and pull request #1. A `merge_group` webhook event of type `checks_requested` is dispatched and the merge queue will await a response from your CI provider.
+1. User adds pull request #2 to the merge queue.
+1. The merge queue creates a temporary branch with the prefix of `main/pr-2` that contains code changes from the target branch, pull request #1, and pull request #2, and dispatches webhooks.
+1. When the {% data variables.product.product_name %} API receives a failing status for `main/pr-1`, the merge queue automatically removes pull request #1 from the merge queue.
+1. The merge queue recreates the temporary branch with the prefix of `main/pr-2` to only contain changes from the target branch and pull request #2.
+1. When the {% data variables.product.product_name %} API receives successful CI responses for `merge_group` branch `main/pr-2`, the temporary branch `main/pr-2` will be merged in to the target branch without pull request #1 included.
+
+{% data reusables.pull_requests.merge-queue-removal-reasons %}
+
+#### Jumping to the top of the queue
+
+When adding a pull request to a merge queue, there is an option to move your pull request to the top of the queue.
+
+{% note %}
+
+**Note:** Be aware that jumping to the top of a merge queue will cause a full rebuild of all in-progress pull requests, as the reordering of the queue introduces a break in the commit graph. Heavily utilizing this feature can slow down the velocity of merges for your target branch.
+
+{% endnote %}
+
+The following scenario outlines what happens when a user jumps the queue.
+
+1. User adds pull request #1 to the merge queue.
+1. The merge queue creates a temporary branch with the prefix of `main/pr-1` that contains code changes from the target branch and pull request #1. A `merge_group` webhook event of type `checks_requested` is dispatched and the merge queue will await a response from your CI provider.
+1. User adds pull request #2 to the merge queue.
+1. The merge queue creates a temporary branch with the prefix of `main/pr-2` that contains code changes from the target branch, pull request #1, and pull request #2, and dispatches webhooks.
+1. User adds pull request #3 to the merge queue with the jump option which introduces a break in the commit graph.
+1. The merge queue creates a temporary branch with the prefix of `main/pr-3` that contains code changes from the target branch and pull request #3, and dispatches webhooks.
+1. The merge queue recreates the temporary branches with the prefix of `main/pr-1` and `main/pr-2` that contain the changes from pull request #3, and dispatches webhooks.
## Further reading
diff --git a/content/repositories/creating-and-managing-repositories/troubleshooting-cloning-errors.md b/content/repositories/creating-and-managing-repositories/troubleshooting-cloning-errors.md
index 7bbfed29ca64..37b2491658cc 100644
--- a/content/repositories/creating-and-managing-repositories/troubleshooting-cloning-errors.md
+++ b/content/repositories/creating-and-managing-repositories/troubleshooting-cloning-errors.md
@@ -129,7 +129,7 @@ $ ssh -T git@{% data variables.command_line.codeblock %}
```
{% ifversion fpt or ghec %}
-If the repository belongs to an organization and you're using an SSH key generated by an OAuth App, OAuth App access may have been restricted by an organization owner. For more information, see "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions)."
+If the repository belongs to an organization and you're using an SSH key generated by an {% data variables.product.prodname_oauth_app %}, {% data variables.product.prodname_oauth_app %} access may have been restricted by an organization owner. For more information, see "[AUTOTITLE](/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions)."
{% endif %}
For more information, see [Adding a new SSH key to your GitHub account](/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account).
diff --git a/content/rest/codespaces/organizations.md b/content/rest/codespaces/organizations.md
index b271ece9708d..0d0e6ae76b32 100644
--- a/content/rest/codespaces/organizations.md
+++ b/content/rest/codespaces/organizations.md
@@ -15,7 +15,7 @@ autogenerated: rest
You can manage {% data variables.product.prodname_codespaces %} billed to your
organization. These endpoints are available for authenticated
-organization admins and OAuth Apps, but not GitHub Apps. For more information,
+organization admins and {% data variables.product.prodname_oauth_app %}s, but not GitHub Apps. For more information,
see "[AUTOTITLE](/codespaces)."
diff --git a/content/rest/guides/discovering-resources-for-a-user.md b/content/rest/guides/discovering-resources-for-a-user.md
index e6f467b51007..cdb925740c04 100644
--- a/content/rest/guides/discovering-resources-for-a-user.md
+++ b/content/rest/guides/discovering-resources-for-a-user.md
@@ -22,7 +22,7 @@ To interact with the {% ifversion fpt or ghec %}{% data variables.product.prodna
## Getting started
-If you haven't already, you should read the ["Basics of Authentication"][basics-of-authentication] guide before working through the examples below. The examples below assume that you have [registered an OAuth application][register-oauth-app] and that your [application has an OAuth token for a user][make-authenticated-request-for-user].
+If you haven't already, you should read the ["Basics of Authentication"][basics-of-authentication] guide before working through the examples below. The examples below assume that you have [registered an {% data variables.product.prodname_oauth_app %}][register-oauth-app] and that your [application has an OAuth token for a user][make-authenticated-request-for-user].
## Discover the repositories that your app can access for a user
diff --git a/content/rest/guides/rendering-data-as-graphs.md b/content/rest/guides/rendering-data-as-graphs.md
index d00b5142cf6b..12b579f8145a 100644
--- a/content/rest/guides/rendering-data-as-graphs.md
+++ b/content/rest/guides/rendering-data-as-graphs.md
@@ -25,9 +25,9 @@ guide before starting this example. You can find the complete source code for th
Let's jump right in!
-## Setting up an OAuth application
+## Setting up an {% data variables.product.prodname_oauth_app %}
-First, [register a new application][new oauth application] on {% data variables.product.product_name %}. Set the main and callback
+First, [register a new application](https://github.com/settings/applications/new) on {% data variables.product.product_name %}. Set the main and callback
URLs to `http://localhost:4567/`. As [before][basics-of-authentication], we're going to handle authentication for the API by
implementing a Rack middleware using [sinatra-auth-github][sinatra auth github]:
@@ -376,4 +376,3 @@ arguments to `drawTreemap` above, to get all the information to show up properly
[D3 treemap]: https://www.d3-graph-gallery.com/treemap.html
[language api]: /rest/repos#list-repository-languages
[platform samples]: https://github.com/github/platform-samples/tree/master/api/ruby/rendering-data-as-graphs
-[new oauth application]: https://github.com/settings/applications/new
diff --git a/content/rest/oauth-authorizations.md b/content/rest/oauth-authorizations.md
index 06940bee233d..b725605eb507 100644
--- a/content/rest/oauth-authorizations.md
+++ b/content/rest/oauth-authorizations.md
@@ -1,6 +1,6 @@
---
title: OAuth authorizations
-intro: Use the REST API to manage the access OAuth applications have to your account.
+intro: Use the REST API to manage the access {% data variables.product.prodname_oauth_app %}s have to your account.
versions:
ghes: '*'
topics:
@@ -12,6 +12,6 @@ autogenerated: rest
## About OAuth authorizations
-You can use the REST API to manage the access OAuth applications have to your account. You can only access these endpoints via basic authentication using your username and password, not tokens.
+You can use the REST API to manage the access {% data variables.product.prodname_oauth_app %}s have to your account. You can only access these endpoints via basic authentication using your username and password, not tokens.
diff --git a/content/rest/orgs/webhooks.md b/content/rest/orgs/webhooks.md
index d215d2da01d1..28fd2fc1ef96 100644
--- a/content/rest/orgs/webhooks.md
+++ b/content/rest/orgs/webhooks.md
@@ -23,8 +23,8 @@ All actions against organization webhooks require the authenticated user to be a
In order to protect sensitive data which may be present in webhook configurations, we also enforce the following access control rules:
-- OAuth applications cannot list, view, or edit webhooks which they did not create.
-- Users cannot list, view, or edit webhooks which were created by OAuth applications.
+- {% data variables.product.prodname_oauth_app %}s cannot list, view, or edit webhooks which they did not create.
+- Users cannot list, view, or edit webhooks which were created by {% data variables.product.prodname_oauth_app %}s.
### Receiving Webhooks
diff --git a/content/rest/overview/troubleshooting.md b/content/rest/overview/troubleshooting.md
index e0511872b25a..413f6570c7f4 100644
--- a/content/rest/overview/troubleshooting.md
+++ b/content/rest/overview/troubleshooting.md
@@ -76,7 +76,7 @@ curl -H 'Authorization: Bearer YOUR-TOKEN' https://api.github.com/user/repos
For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)" and "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app)."
-For OAuth Apps, you should use the [web application flow](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps#web-application-flow) to generate an OAuth token to use in the API call's header:
+For {% data variables.product.prodname_oauth_app %}s, you should use the [web application flow](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps#web-application-flow) to generate an OAuth token to use in the API call's header:
```bash
curl -H 'Authorization: Bearer YOUR-OAUTH-TOKEN' https://api.github.com/user/repos
diff --git a/content/webhooks-and-events/webhooks/replacing-github-services.md b/content/webhooks-and-events/webhooks/replacing-github-services.md
index 1f490d0ed06b..4818ad9e5aa3 100644
--- a/content/webhooks-and-events/webhooks/replacing-github-services.md
+++ b/content/webhooks-and-events/webhooks/replacing-github-services.md
@@ -53,10 +53,10 @@ To replace GitHub Services with Webhooks:
2. Change your configuration depending on how you currently use GitHub Services:
- **GitHub Apps**: Update your app's permissions and subscribed events to configure your app to receive the relevant webhook events.
- - **OAuth Apps**: Request either the `repo_hook` and/or `org_hook` scope(s) to manage the relevant events on behalf of users.
+ - **{% data variables.product.prodname_oauth_app %}s**: Request either the `repo_hook` and/or `org_hook` scope(s) to manage the relevant events on behalf of users.
- **GitHub Service providers**: Request that users manually configure a webhook with the relevant events sent to you, or take this opportunity to build an app to manage this functionality. For more information, see "[AUTOTITLE](/apps/creating-github-apps/setting-up-a-github-app/about-creating-github-apps)."
-3. Move additional configuration from outside of GitHub. Some GitHub Services require additional, custom configuration on the configuration page within GitHub. If your service does this, you will need to move this functionality into your application or rely on GitHub or OAuth Apps where applicable.
+3. Move additional configuration from outside of GitHub. Some GitHub Services require additional, custom configuration on the configuration page within GitHub. If your service does this, you will need to move this functionality into your application or rely on GitHub or {% data variables.product.prodname_oauth_app %}s where applicable.
## Supporting {% data variables.product.prodname_ghe_server %}
diff --git a/contributing/content-style-guide.md b/contributing/content-style-guide.md
index 9aa9e068fb9a..5546e76ecec5 100644
--- a/contributing/content-style-guide.md
+++ b/contributing/content-style-guide.md
@@ -386,7 +386,7 @@ Some best practices for using links:
- Do not include the `apiVersion` query parameter in REST links unless you need to link to a specific calendar version of the REST docs. (This should be a rare occurance.)
For accessibility and readability, avoid inline or midsentence links.
-- **Use:** OAuth2 tokens can be acquired programmatically for applications that are not websites. For more information, see "[Setting up and registering OAuth Apps](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/)" and "[Create a new authorization](https://docs.github.com/en/enterprise-server@2.22/rest/reference/oauth-authorizations/#create-a-new-authorization)."
+- **Use:** OAuth2 tokens can be acquired programmatically for applications that are not websites. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-user-access-token-for-a-github-app)" and "[AUTOTITLE](/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps)."
- **Avoid:** Read [more about OAuth2.](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/) Note that OAuth2 tokens can be [acquired programmatically](https://docs.github.com/en/enterprise-server@2.22/rest/reference/oauth-authorizations/#create-a-new-authorization), for applications that are not websites.
For more information on links and accessibility, see “[Links](https://readabilityguidelines.co.uk/content-design/links/)” in the Readability Guidelines project.
@@ -1247,13 +1247,36 @@ Spell out acronyms the first time they’re used in an article, except in titles
### Apps
-Use "apps" or "applications" in general content.
+Use "app" or "application" in general content.
- **Use:** Publish and list your apps in GitHub Marketplace
-Use "Apps" when referring to specific apps or types of apps.
-- **Use:** GitHub App, OAuth App
+Use "app" when referring to OAuth apps since these are not a product.
+- **Use:** Register an OAuth app
+- **Use:** Register an {% data variables.product.prodname_oauth_app %}
+- **Avoid:** Register an OAuth App
-GitHub Apps is always capitalized, because it’s a feature name.
+Use "App" when referring to GitHub Apps since this is a product.
+- **Use:** Register a GitHub App
+- **Use:** Register a {% data variables.product.prodname_github_app %}
+
+GitHub Apps and OAuth apps consist of two parts: the app registration, and the code that makes the app do something.
+
+- To refer to just the GitHub App settings/configuration in the GitHub UI, use terminology like "register" and "GitHub App registration".
+ - **Use:** Register a GitHub App
+ - **Use:** Update a GitHub App registration
+ - **Avoid:** Create a GitHub App
+ - **Avoid:** Modify a GitHub App
+
+- To refer to just the code for the app, use terminology like "code for your app" or "your app's code".
+ - **Use:** code for your app
+ - **Use:** code for your GitHub App
+ - **Use:** your app's code
+ - **Avoid:** Your GitHub App
+ - **Avoid:** Your OAuth app
+
+- To refer to the whole app collectively (registration + code), refer to it as a GitHub App or OAuth app.
+
+GitHub Apps can be installed on organization and user accounts. To refer to an installation of the app, use "GitHub App installation" instead of "GitHub App".
### Currency
diff --git a/contributing/translations-for-writers.md b/contributing/translations-for-writers.md
index b47940bf8166..98f18206fc0e 100644
--- a/contributing/translations-for-writers.md
+++ b/contributing/translations-for-writers.md
@@ -32,4 +32,4 @@ Use the following checklist to help make your files more translation-friendly. F
| Avoid using ambiguous modal auxiliary verbs. | May, might, ought, could, used to, etc. | Be more clear when writing to avoid ambiguity. |
| Avoid prepositional phrases. | "According to the repository log..." or "After trying many times..." | Write the sentence more directly. |
| Avoid vague nouns and pronouns. | "Maintainers and contributors have access to files and comments. In the pull request they make changes to it." In this example, it is not clear if the changes are being made to the file or to the comments. Another example: “After saving the file in the folder, the user deleted it.” In this sentence, it is not clear what was deleted (a file or a folder). | If a pronoun seems to refer to more than one antecedent, either reword the sentence to make the antecedent clear or replace the pronoun with a noun to eliminate ambiguity. |
-| Keep inline links to a minimum. | Read [more about OAuth2.](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/) Note that OAuth2 tokens can be [acquired programmatically](https://docs.github.com/en/enterprise-server@2.22/rest/reference/oauth-authorizations/#create-a-new-authorization), for applications that are not websites. | OAuth2 tokens can be acquired programmatically for applications that are not websites. For more information, see "[Setting up and registering OAuth Apps](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/)" and "[Create a new authorization](https://docs.github.com/en/enterprise-server@2.22/rest/reference/oauth-authorizations/#create-a-new-authorization)." |
+| Keep inline links to a minimum. | Read [more about OAuth2.](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/) Note that OAuth2 tokens can be [acquired programmatically](https://docs.github.com/en/enterprise-server@2.22/rest/reference/oauth-authorizations/#create-a-new-authorization), for applications that are not websites. | OAuth2 tokens can be acquired programmatically for applications that are not websites. For more information, see "[Setting up and registering OAuth apps](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/)" and "[Create a new authorization](https://docs.github.com/en/enterprise-server@2.22/rest/reference/oauth-authorizations/#create-a-new-authorization)." |
diff --git a/data/allowed-topics.js b/data/allowed-topics.js
index 5f13ac8732e6..51c7ea0947ce 100644
--- a/data/allowed-topics.js
+++ b/data/allowed-topics.js
@@ -103,7 +103,7 @@ export default [
'Node',
'Nonprofits',
'Notifications',
- 'OAuth Apps',
+ 'OAuth apps',
'Open Source',
'Organizations',
'Packages',
diff --git a/data/features/supply-chain-features-swift-support.yml b/data/features/supply-chain-features-swift-support.yml
new file mode 100644
index 000000000000..c1a48b16fe64
--- /dev/null
+++ b/data/features/supply-chain-features-swift-support.yml
@@ -0,0 +1,6 @@
+# Reference: #10144.
+# Advisory Database + Dependency Graph + Dependabot Alerts support Swift [GA]
+versions:
+ fpt: '*'
+ ghec: '*'
+ ghes: '>=3.10'
diff --git a/data/glossaries/external.yml b/data/glossaries/external.yml
index 510c80a684ea..c3b2b408b5b6 100644
--- a/data/glossaries/external.yml
+++ b/data/glossaries/external.yml
@@ -338,8 +338,7 @@
that they configure and control.
- term: integration
description: >-
- A third-party application that integrates with GitHub. These can be GitHub
- Apps, OAuth Apps, or webhooks.
+ A third-party application that integrates with GitHub. These are often {% data variables.product.prodname_github_app %}s, {% data variables.product.prodname_actions %}, or custom actions. For more information, see "[AUTOTITLE](/get-started/exploring-integrations/about-building-integrations)."
- term: issue
description: >-
Issues are suggested improvements, tasks or questions related to the
@@ -459,12 +458,12 @@
description: >-
Updates, delivered by either the web or email depending on your settings,
that give you information about the activities you're interested in.
-- term: OAuth App
+- term: OAuth app
description: >-
A third-party application that uses access tokens rather than passwords to
access information for users.
- term: OAuth token
- description: The access token used in OAuth Apps to access information for users.
+ description: The access token used by {% data variables.product.prodname_oauth_app %}s to access information for users.
- term: outside collaborator
description: >-
A user who has been given access to one or more of an organization’s
@@ -659,7 +658,7 @@
use it across GitHub in issues and pull requests.
- term: scope
description: >-
- Named groups of permissions that an OAuth App can request to access both
+ Named groups of permissions that an {% data variables.product.prodname_oauth_app %} or {% data variables.product.pat_v1 %} can request to access both
public and non-public data.
- term: seat
description: >-
diff --git a/data/graphql/ghae/schema.docs-ghae.graphql b/data/graphql/ghae/schema.docs-ghae.graphql
index 14400d0522e3..5cf7f9ba39ee 100644
--- a/data/graphql/ghae/schema.docs-ghae.graphql
+++ b/data/graphql/ghae/schema.docs-ghae.graphql
@@ -38726,6 +38726,11 @@ enum SecurityAdvisoryEcosystem {
Rust crates
"""
RUST
+
+ """
+ Swift packages
+ """
+ SWIFT
}
"""
diff --git a/data/reusables/apps/maximum-oauth-apps-allowed.md b/data/reusables/apps/maximum-oauth-apps-allowed.md
index dd573ce6f5e0..93f9a85433a4 100644
--- a/data/reusables/apps/maximum-oauth-apps-allowed.md
+++ b/data/reusables/apps/maximum-oauth-apps-allowed.md
@@ -1 +1 @@
-{% ifversion fpt or ghec %}A user or organization can own up to 100 OAuth apps.{% endif %}
+{% ifversion fpt or ghec %}A user or organization can own up to 100 {% data variables.product.prodname_oauth_app %}s.{% endif %}
diff --git a/data/reusables/apps/user-to-server-rate-limits.md b/data/reusables/apps/user-to-server-rate-limits.md
index 9cd24e63126a..1f6c64fd3097 100644
--- a/data/reusables/apps/user-to-server-rate-limits.md
+++ b/data/reusables/apps/user-to-server-rate-limits.md
@@ -1 +1 @@
-{% ifversion ghes %}By default, user access token{% else %}User access token{% endif %} requests are limited to {% ifversion ghae %}15,000{% elsif fpt or ghec or ghes %}5,000{% endif %} requests per hour and per authenticated user. All requests from OAuth applications authorized by a user or a {% data variables.product.pat_generic %} owned by the user, and requests authenticated with any of the user's authentication credentials, share the same quota of {% ifversion ghae %}15,000{% elsif fpt or ghec or ghes %}5,000{% endif %} requests per hour for that user.
+{% ifversion ghes %}By default, user access token{% else %}User access token{% endif %} requests are limited to {% ifversion ghae %}15,000{% elsif fpt or ghec or ghes %}5,000{% endif %} requests per hour and per authenticated user. All requests from {% data variables.product.prodname_oauth_app %}s authorized by a user or a {% data variables.product.pat_generic %} owned by the user, and requests authenticated with any of the user's authentication credentials, share the same quota of {% ifversion ghae %}15,000{% elsif fpt or ghec or ghes %}5,000{% endif %} requests per hour for that user.
diff --git a/data/reusables/audit_log/audit-log-action-categories.md b/data/reusables/audit_log/audit-log-action-categories.md
index 405b10dae628..a5a2fa712640 100644
--- a/data/reusables/audit_log/audit-log-action-categories.md
+++ b/data/reusables/audit_log/audit-log-action-categories.md
@@ -86,9 +86,9 @@
| `migration` | Contains activities related to transferring data from a *source* location (such as a {% data variables.product.prodname_dotcom_the_website %} organization or a {% data variables.product.prodname_ghe_server %} instance) to a *target* {% data variables.product.prodname_ghe_server %} instance.
{%- endif %}
| `oauth_access` | Contains activities related to OAuth access tokens.
-| `oauth_application` | Contains activities related to OAuth Apps.
+| `oauth_application` | Contains activities related to {% data variables.product.prodname_oauth_app %}s.
{%- ifversion fpt or ghec %}
-| `oauth_authorization` | Contains activities related to authorizing OAuth Apps.
+| `oauth_authorization` | Contains activities related to authorizing {% data variables.product.prodname_oauth_app %}s.
{%- endif %}
| `org` | Contains activities related to organization membership.
{%- ifversion ghec or ghes or ghae %}
diff --git a/data/reusables/gcm-core/next-time-you-clone.md b/data/reusables/gcm-core/next-time-you-clone.md
index 6b84876ad93d..a44cc0120e71 100644
--- a/data/reusables/gcm-core/next-time-you-clone.md
+++ b/data/reusables/gcm-core/next-time-you-clone.md
@@ -1 +1 @@
-The next time you clone an HTTPS URL that requires authentication, Git will prompt you to log in using a browser window. You may first be asked to authorize an OAuth app.{% ifversion not ghae %} If your account or organization requires [two-factor auth](/authentication/securing-your-account-with-two-factor-authentication-2fa), you'll also need to complete the 2FA challenge.{% endif %}
+The next time you clone an HTTPS URL that requires authentication, Git will prompt you to log in using a browser window. You may first be asked to authorize an {% data variables.product.prodname_oauth_app %}.{% ifversion not ghae %} If your account or organization requires [two-factor auth](/authentication/securing-your-account-with-two-factor-authentication-2fa), you'll also need to complete the 2FA challenge.{% endif %}
diff --git a/data/reusables/pull_requests/merge-queue-overview.md b/data/reusables/pull_requests/merge-queue-overview.md
index de3f17b68043..0336fa41aa81 100644
--- a/data/reusables/pull_requests/merge-queue-overview.md
+++ b/data/reusables/pull_requests/merge-queue-overview.md
@@ -1,5 +1,9 @@
-A merge queue can increase the rate at which pull requests are merged into a busy target branch while ensuring that all required branch protection checks pass.
+A merge queue helps increase velocity by automating pull request merges into a busy branch and ensuring the branch is never broken by incompatible changes.
-Once a pull request has passed all of the required branch protection checks, a user with write access to the repository can add that pull request to a merge queue.
+The merge queue provides the same benefits as the **Require branches to be up to date before merging** branch protection, but does not require a pull request author to update their pull request branch and wait for status checks to finish before trying to merge.
-A merge queue may use {% data variables.product.prodname_actions %}. For more information, see "[AUTOTITLE](/actions)."
+Using a merge queue is particularly useful on branches that have a relatively high number of pull requests merging each day from many different users.
+
+Once a pull request has passed all required branch protection checks, a user with write access to the repository can add the pull request to the queue. The merge queue will ensure the pull request's changes pass all required status checks when applied to the latest version of the target branch and any pull requests already in the queue.
+
+A merge queue may use {% data variables.product.prodname_actions %} or your own CI provider to run required checks on pull requests in a merge queue. For more information, see "[AUTOTITLE](/actions)."
diff --git a/data/reusables/pull_requests/merge-queue-references.md b/data/reusables/pull_requests/merge-queue-references.md
index e01a67b042da..0919a9eeddf9 100644
--- a/data/reusables/pull_requests/merge-queue-references.md
+++ b/data/reusables/pull_requests/merge-queue-references.md
@@ -1,2 +1,2 @@
-For information about merge queue, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue)."
+For more information about merge queues, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue)."
diff --git a/data/reusables/pull_requests/merge-queue-reject.md b/data/reusables/pull_requests/merge-queue-reject.md
index d7a40d171613..4d7246461579 100644
--- a/data/reusables/pull_requests/merge-queue-reject.md
+++ b/data/reusables/pull_requests/merge-queue-reject.md
@@ -1,2 +1,2 @@
-After grouping a pull request with the latest version of the target branch and changes ahead of it in the queue, if there are failed required status checks or conflicts with the base branch, {% data variables.product.product_name %} will remove the pull request from the queue. The pull request timeline will display the reason why the pull request was removed from the queue.
+After grouping a pull request with the latest version of the target branch and changes ahead of it in the queue, if there are failed required status checks or conflicts with the base branch, the pull request will be removed from the queue. The pull request timeline will display the reason why the pull request was removed from the queue.
diff --git a/data/reusables/pull_requests/merge-queue-removal-reasons.md b/data/reusables/pull_requests/merge-queue-removal-reasons.md
new file mode 100644
index 000000000000..019be3a0660f
--- /dev/null
+++ b/data/reusables/pull_requests/merge-queue-removal-reasons.md
@@ -0,0 +1,6 @@
+There are a number of reasons a pull request can be removed from a merge queue:
+
+- Configured CI service is reporting test failures for a merge group
+- Timed out awaiting a successful CI result based off the configured timeout setting
+- User requesting a removal via the API or merge queue interface
+- Branch protection failure that could not automatically be resolved
diff --git a/data/reusables/shortdesc/authorizing_oauth_apps.md b/data/reusables/shortdesc/authorizing_oauth_apps.md
index 09e76d7eae1b..d75e5602e193 100644
--- a/data/reusables/shortdesc/authorizing_oauth_apps.md
+++ b/data/reusables/shortdesc/authorizing_oauth_apps.md
@@ -1 +1 @@
-You can enable other users to authorize your OAuth App.
+You can enable other users to authorize your {% data variables.product.prodname_oauth_app %}.
diff --git a/data/reusables/shortdesc/creating_custom_badges_oauth_apps.md b/data/reusables/shortdesc/creating_custom_badges_oauth_apps.md
index f2c602b885b4..051498f4a2ed 100644
--- a/data/reusables/shortdesc/creating_custom_badges_oauth_apps.md
+++ b/data/reusables/shortdesc/creating_custom_badges_oauth_apps.md
@@ -1 +1 @@
-You can replace the default badge on your OAuth App by uploading your own logo image and customizing the background.
+You can replace the default badge on your {% data variables.product.prodname_oauth_app %} by uploading your own logo image and customizing the background.
diff --git a/data/reusables/shortdesc/creating_oauth_apps.md b/data/reusables/shortdesc/creating_oauth_apps.md
index 16fc0410092d..0a590a88ff5b 100644
--- a/data/reusables/shortdesc/creating_oauth_apps.md
+++ b/data/reusables/shortdesc/creating_oauth_apps.md
@@ -1 +1 @@
-You can create and register an OAuth App under your personal account or under any organization you have administrative access to. While creating your OAuth app, remember to protect your privacy by only using information you consider public.
+You can create and register an {% data variables.product.prodname_oauth_app %} under your personal account or under any organization you have administrative access to. While creating your {% data variables.product.prodname_oauth_app %}, remember to protect your privacy by only using information you consider public.
diff --git a/data/reusables/shortdesc/deleting_oauth_apps.md b/data/reusables/shortdesc/deleting_oauth_apps.md
index 61efb0b05597..05c92f297f06 100644
--- a/data/reusables/shortdesc/deleting_oauth_apps.md
+++ b/data/reusables/shortdesc/deleting_oauth_apps.md
@@ -1 +1 @@
-You can delete OAuth Apps when you no longer use them.
+You can delete {% data variables.product.prodname_oauth_app %}s when you no longer use them.
diff --git a/data/reusables/shortdesc/modifying_oauth_apps.md b/data/reusables/shortdesc/modifying_oauth_apps.md
index 85907ba04ee4..9453ef0d06ef 100644
--- a/data/reusables/shortdesc/modifying_oauth_apps.md
+++ b/data/reusables/shortdesc/modifying_oauth_apps.md
@@ -1 +1 @@
-After creating and registering an OAuth App, you can make changes to it.
+After creating and registering an {% data variables.product.prodname_oauth_app %}, you can make changes to it.
diff --git a/data/reusables/shortdesc/transferring_ownership_of_oauth_apps.md b/data/reusables/shortdesc/transferring_ownership_of_oauth_apps.md
index 464804504756..3bacc80b4209 100644
--- a/data/reusables/shortdesc/transferring_ownership_of_oauth_apps.md
+++ b/data/reusables/shortdesc/transferring_ownership_of_oauth_apps.md
@@ -1 +1 @@
-You can transfer ownership of an OAuth App to another user or organization.
+You can transfer ownership of an {% data variables.product.prodname_oauth_app %} to another user or organization.
diff --git a/data/reusables/supported-languages/swift.md b/data/reusables/supported-languages/swift.md
index f3e0492f6af4..d847f63d414c 100644
--- a/data/reusables/supported-languages/swift.md
+++ b/data/reusables/supported-languages/swift.md
@@ -1 +1,2 @@
-| Swift | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Unsupported" %} | {% octicon "x" aria-label="Unsupported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %}
Swift Package Manager |
\ No newline at end of file
+| Swift | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Unsupported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %}
Swift Package Manager |
+
diff --git a/data/variables/product.yml b/data/variables/product.yml
index 92ed1a0fc3f4..c1a7dabbaa0e 100644
--- a/data/variables/product.yml
+++ b/data/variables/product.yml
@@ -117,8 +117,8 @@ pat_v1_caps_plural: >-
prodname_marketplace: 'GitHub Marketplace'
prodname_github_app: 'GitHub App'
prodname_github_apps: 'GitHub Apps'
-prodname_oauth_app: 'OAuth App'
-prodname_oauth_apps: 'OAuth Apps'
+prodname_oauth_app: 'OAuth app'
+prodname_oauth_apps: 'OAuth apps'
# API and developer docs
prodname_enterprise_api: '{% ifversion ghes %}GitHub Enterprise Server{% elsif ghae %}GitHub AE{% endif %} APIs'
diff --git a/src/graphql/data/ghae/schema.json b/src/graphql/data/ghae/schema.json
index 99831fefb119..2feb77a2a51f 100644
--- a/src/graphql/data/ghae/schema.json
+++ b/src/graphql/data/ghae/schema.json
@@ -67941,6 +67941,10 @@
{
"name": "RUST",
"description": "Rust crates.
"
+ },
+ {
+ "name": "SWIFT",
+ "description": "Swift packages.
"
}
]
},